IT Security and Compliance

Description of Service

This service provides faculty, staff, and students with access to support and guidance on IT security and compliance matters at the university. This includes:

• Helping faculty, staff, and students learn how to be safe online.
• Responding to compromised accounts and devices.
• Providing resources and online training for IT security (login required).
• Assisting faculty and staff with assessments regarding regulatory (e.g. PCI), legislative (e.g. HIPA), and other security requirements.
• Managing the university’s IT threat and risk management/privacy impact assessment process.
• Installing, operating, and maintaining the university’s video surveillance systems (i.e. CCTV and Patrol Vehicle camera system).
• Installing, operating, and maintaining the university’s security intrusion alarm systems.
• Installing, operating and maintaining the university's card access systems.
• Monitoring the university’s network and systems to ensure security is being proactively maintained.

The service also establishes information security best practices and standards for the university; recommends tools to manage IT systems and mitigate risk; monitors the university’s overall IT security posture; and assesses and reports on the university’s IT security maturity.

Access

Report an IT Security Incident if you suspect your private information has been breached, your account, workstation or website was hacked, or your device is lost or stolen.

Forward phishing emails to phishing@usask.ca.

Staff can request IT security and compliance from IT Support Services using the following methods:

• Submit an Online Ticket
• Phone: Internal: 2222 or External: 306-966-2222 or 1-800-966-4817 Toll Free in Canada
• Email: itsupport@usask.ca

Availability of Support

Core Hours: 8:00 am–5:00 pm Monday to Friday
After Hours: N/A

Service Standards

• Service levels and support commitments are outlined in the ICT Core Services Service Level Agreement.

Service Exclusions, Limitations, and Restrictions

• ICT may scan devices connected to the university network for security issues and vulnerabilities. Network traffic may be monitored to help ensure a reliable network service and to protect the university community.
• The university’s IT services are not to be used to download or distribute illegal or unlicensed material. Notices from third parties of copyright violations will be passed along.
• Devices suspected to be in violation of laws and university policies or that pose a threat to the rest of the university may be disconnected from the university network.
• Use, transfer, and storage of credit card numbers must comply with Payment Card Industry security standards.

Service Charges

• There are no charges associated with using the IT security and compliance service.

Additional Resources

• Information Security
• Report an IT Security Incident (login required)
• PCI Compliance (login required)
• Virus and Malware Removal form (login required)
• Information Technology Security Policy
• Video Surveillance (CCTV) and Electronic Access Control

Related Terms

Abuse, Advising and consulting, Compliance, Compromised account, Computer virus, Credit card, Crypto locker, Cyber attacks, Cyber security, Cybercrime, Cybersecurity, HIPA, IT security, IT security incident, Infected attachment, Information technology security, Moneris(?), PCI, Payment Card Industry Data Security Standard (PCI DSS), Phishing, Ransomware, Risk management, Spam, Suspicious email, TRA/PIA