Skip to content Skip to site navigation

Information Security Office

The Information Security Office (ISO) orchestrates the Stanford community's efforts to protect its computing and information assets and to comply with pertinent laws, regulations, and policies. The office dual reports into the Chief Information Officer and the Chief Risk Officer.


Our mission is to protect the information assets that are important to Stanford.


  • No incidents attributable to a lack of best practices
  • Automated standards enforcement wherever possible
  • Uniform solutions across the University, Hospitals, and SLAC
  • Balance security with usability and individual privacy
  • Stanford as a recognized leader in information security


  • Mission Motivated: Support Stanford's teaching, learning, research, and health care mission
  • Transparency: Build trust through openness
  • Inclusion: Build partnership through collaboration
  • High Value: Concentrate efforts on strategic areas with high impact
  • Provide Practical Guidance: Balance security with usability and resource constraints
  • Be Proactive: Anticipate and mitigate risk
  • Succeed Together: Build a positive and effective team


Michael Duff, Assistant Vice President and Chief Information Security Officer


Security Operations (SecOps):


Physical safety

If you have an issue regarding anyone's physical safety, please contact the Department of Public Safety first. If it's an emergency, dial 9-911 from any campus phone, or 911 from any cellphone or off-campus phone.

More information 

For more information, please submit a request to the Information Security Office.