Established in 2006, the Information Security Office (ISO) is responsible for the overall direction of information security functions related to the University at Buffalo, including: IT risk management, security policies and security awareness.
ISO staff are located in the Computing Center.
The ISO’s staff works to actively promote the quality and integrity of information security throughout the University by providing guidance and direction to members of the University. This guidance helps assure compliance with security standards, appropriate policies, as well as both state and federal laws.
The ISO staff monitors and informs the University community about information security trends and their potential impacts as well as defines appropriate compliance and enforcement procedures as needed.
In the event of a security breach, the Information Security Office assumes primary oversight responsibility for managing the incident and any required reporting. To this end, the ISO’s staff is also responsible for performing forensic computer investigations related to potential data exfiltration.
The Information Security Office works closely with outside law enforcement agencies (e.g. FBI, Secret Service) as well as with University Counsel, Human Resources and University Police when information is requested or an investigation occurs that involves the University.
The Computer Discipline Office (CDO) counsels, educates and, when necessary, investigates the behaviors of individuals as they use UB's information technology assets relative to IT policies.