Search11 Results

The Higher Education Community Vendor Assessment Toolkit (HECVAT) is a standardized questionnaire created by and for the higher education community. It helps institutions like ours assess how well potential vendors (especially technology service providers) meet our requirements for cybersecurity, data privacy, and compliance with laws like FERPA. The HECVAT facilitates a thorough risk review by providing a detailed checklist that vendors fill out to give us a picture of their security practices.

The Minnesota State guidance on generative AI services requires adherence to standard procurement processes, including legal, security, and contract reviews, even for zero-cost services. Authorized services with data security contracts include Adobe Express & Creative Cloud, Microsoft 365 Copilot, and Zoom AI Companion. Highly restricted or restricted data, like personal health information or student grades, must not be used with non-contracted services like ChatGPT.

Crestron device is malfunctioning at your residence hall

This guide is designed for departments considering or using external vendors for services involving payment card information. It highlights the need for assessing the Payment Card Industry Data Security Standard (PCI DSS). The guide covers key terms such as HECVAT, PCI DSS, SAQ, AOC, and SOC 2 Type II Report, providing simple explanations for each. It also includes a draft email template to help collect the necessary documentation from vendors.

How to stay safe from scams/phishing, malware, viruses and more.

Antivirus software available to faculty, staff, and currently enrolled students

How to block and report scam/phishing calls

Antiviruses and SCSU VPN

What is Office 365 MFA?

What are Safe Links and how do they impact email

How to make changes to your Office 365 MFA verification methods.