Skip to content Skip to navigation

Information Security Office

The Information Security Office oversees the Stanford community's efforts to protect its computing and information assets and to comply with pertinent laws, regulations, and policies. The office reports to the university's senior management through the Office of the Vice President for Business Affairs and Chief Financial Officer.

Goals

  • No incidents attributable to a lack of best practices
  • Automated standards enforcement wherever possible
  • Uniform solutions across the University, Hospitals, and SLAC
  • Balance security with usability and individual privacy
  • Stanford as a recognized leader in information security

Values

  • Mission Motivated: Support Stanford's teaching, learning, research and health care mission
  • Transparency: Build trust through openness
  • Inclusion: Build partnership through collaboration
  • Embrace and Drive Change with a Can-Do Spirit
  • Bias Toward Action: Get stuff done
  • Agility: Prototype, fail fast, iterate
  • High Value: Concentrate efforts on strategic areas with high impact
  • High Bar: Hold ourselves to a high standard and deliver excellence
  • Provide Practical Guidance: Balance security with usability and resource constraints
  • Pursue Growth and Learning: Be world class information security experts
  • Protect Individual Privacy
  • Be Proactive: Anticipate and mitigate risk
  • Be Responsive
  • Lead by Example
  • Succeed Together: Build a positive and effective team

What we do

The ISO's approach to security is more proactive than reactive, although we naturally give priority response to incidents that have institution-level impact or that require university-wide coordination. Our current focus is securing systems that affect a majority of the university, including central administrative systems and the campus data network. The ISO gives special priority to systems containing data classified as Moderate or High Risk (see the Data Classification web page).

Physical safety

If you have an issue regarding anyone's physical safety, please contact the Department of Public Safety first. If it's an emergency, dial 9-911 from any campus phone, or 911 from any cellphone or off-campus phone.

More information 

To contact the Information Security Office, please submit a HelpSU request

Our staff currently includes:

Michael Duff, Assistant Vice President and Chief Information Security Officer

Consulting Team

Security Operations (SecOps)

SoM IRT