Are you in compliance? Recent events in the news highlight the need to be more vigilant in complying with security requirements.
In many cases, the funding the university receives is accompanied by specific compliance criteria, which often dictate specific security requirements. The ability to fulfill these obligations may impact S&T’s eligibility for initial funding, continuance or future funding This can include physical, digital or process controls. Many of these funding sources require us to attest, either explicitly or implicitly, to the ability to meet the requirements.
For example, a National Science Foundation grant may require specific security control requirements. As part of the grant, investigators may attest to the ability to comply at the time the grant is awarded or to continue in compliance. Often the grant’s compliance restrictions refer to a set of guidelines that change over time or become activated based on the length of renewal or size of the portfolio of grants. When this occurs, S&T must remain in compliance or be subject to sanctions.
Recently, the Department of Justice filed a lawsuit alleging that Georgia Institute of Technology failed to adhere to the terms of specific grants. The lawsuit alleges that Georgia Tech relaxed required security standards in response to pressure from research faculty with large funding sources.
At S&T, IT security walks a careful balancing act, enabling world-changing research and supporting academic freedom while protecting university assets and reputation. Events like the lawsuit against Georgia Tech demonstrate how a lack of security compliance could jeopardize our ability to meet research obligations and put S&T’s North Star Goals at risk.
Remember, IT security is your partner and a member of the S&T family, always striving to walk that careful balance. If you have concerns, don’t hesitate to reach out. Let IT partner with you to find a solution that achieves the desired balance. Take the opportunity now to assess what restrictions may apply and if those are being properly met.
Let’s keep S&T out of the news for violations and in the headlines for our successes and service.