Security | Texas Tech University Health Sciences Center

Ï㽶ֱ²¥

Ï㽶ֱ²¥ students walking through Lubbock campus courtyard.

Security

Balancing Security and Functionality

The mission of the IT Security team is to ensure the confidentiality, integrity, and availability of the university’s data and information systems while maintaining the principles contained within the framework of rules, regulations, and statutes established by the federal and state government. Governance for all information security and ensuring the protection of Ï㽶ֱ²¥ information is the responsibility of the Information Security Officer (ISO). The ISO directs all security tasks through two functional teams; IT Security Operations and Governance Risk and Compliance. 

 

Man at laptop working with cybersecurity


Security Operations

Security Operations is responsible for protecting Ï㽶ֱ²¥ assets and data through proactive security measures and continuous improvement. The operations team works to ensure appropriate application of security processes while maintaining the access and functionality needed continue the flow of business for Ï㽶ֱ²¥. 

Ï㽶ֱ²¥ IT Security provides the following services >

  • Web and Email Security (protecting against malicious intrusions and data loss)
  • Antivirus and other endpoint security application management
  • Conducts security reviews for system changes and software requests
  • Security Awareness Training
  • Proactive Vulnerability Management
  • Security Incident Response
Person working on company policy at a laptop

Governance, Risk, and Compliance (GRC)

Governance, Risk, and Compliance (GRC) is the area of IT Security that enforces the security standards for the creation, storage, and transmission of Ï㽶ֱ²¥ data. GRC works with the Office of Institutional Compliance and the Information Security Officer (ISO), to review and assess systems during their entire lifecycle. This includes purchase, implementation, use, and disposal, to ensure the confidentiality, availability, and integrity of Ï㽶ֱ²¥ data and systems.

GRC Services
  • Assessments: Conducts regular security assessments on mission critical institutional assets.
  • Security Reviews: Assists with technical security reviews for contracts, technical purchases, and payment card use compliance.
  • Documentation: Produces IT governance policies, plans, and procedures in accordance with federal and state law.