SAS Computing Information Security staff help safeguard the security and privacy of confidential University data. Services include:

• Conducting the Security and Privacy Impact Assessment (SPIA) for SAS.  The SPIA process visits each department in the School and helps promote best practices for handling confidential data.  SPIA also helps identify security and privacy issues for web sites and services provided by outside contractors
• Running security scans of Unix and Linux servers in SAS to assure that they are well protected
• Evaluating security implications of services or programming code provided by outside contractors
• Configuration of Drupal web sites hosted by SAS Computing, vetting new modules, and performing security reviews on sites before publication
• Responding to reports of breaches of information security or privacy and coordinating with Penn's Privacy Officer.
• Representing SAS on University committees related to information security and privacy.

Please with your questions about how to protect University data or report any possible breach of security

SAS Information Security

• Drupal
• Symfony2
• SPIA
• InfoSec research (coming soon)