Web Service Assessment Helps to Protect University Data

The integrity of University data and the protection of personally identifiable information is of critical importance. Working with schools and departments to secure these assets, the NUIT Information Security Vulnerability Assessment Program assists in the auditing, identification, and remediation of technology security vulnerabilities.

Starting November 19, a new, specialized service of the program will now also proactively assess Web site vulnerabilities that could allow unauthorized access to a server or other device. This service assists in the discovery of security flaws before they are exploited by attackers.

Specifically, the Web Services Assessment provides:

• Manual scans for vulnerabilities on a school or department Web site
• Review for outdated software versions and other vulnerabilities, such as Cross-Site Scripting (XSS) and SQL injection
• Printed report of assessment findings and any personally identifiable information or University data found
• Review of any existing Web security scans already completed by customer
• Remediation plan if vulnerabilities exist
  

Department and school Web site administrators will be contacted by NUIT's Information & Systems Security/Compliance group to schedule a mutually agreeable time to run a Web Services Assessment. If you suspect the security of your Web site and you would like to request an assessment, contact ISS/C's Jeff Holland at 847-467-3569.

Assessments are scheduled one week in advance, take about four hours to complete, and require the availability of the Web site owner during that time.

• Vulnerability Assessment Program

Information & Systems Security/Compliance

Jeff Holland
847-467-3569
Security Vulnerability Analyst, Information & Systems Security/Compliance