An information system is a complex, ever-changing arrangement of people, processes, and technologies. Assuring the security of such a system must involve all of these components, and should be viewed as an ongoing process balancing risk and protection. Understood completely, information security assurance involves enabling and maintaining access to appropriate information, for the right people, at the right time. Viewed in this way, security is about educational process and business practice as much as it is about the deployment of technology.
These web pages provide general security information, guidance for IT professionals, and access to security resources for the Colorado State University community. Some of this information is publicly available, while information that could be used to aid in an exploit is protected by eID authentication.