Section content mobile menu toggleSection Content

University of Hawai‘i Information Security Program

The University of Hawai‘i System encompasses 10 accredited campuses and additional education, training, and research centers on six islands throughout the State of Hawai‘i. This highly decentralized and complex organization is dedicated to the highest standards of scholarship and service, which requires an open flow of information and communication.

Unfortunately, over the last decade, the emergence of increasing abuse by criminals of personal information used by universities, such as social security numbers and credit card or other banking information, has challenged the decentralized culture of free flow of information. In today's world, access to personal information must be restricted to uses where it is necessary and close guarded wherever it is stored or used. Those individuals whose personal information has been entrusted to the University deserve no less.

While information security has long been the responsibility of each campus, as of 2011 the University leadership has committed to establishing and resourcing a new systemwide information security program. This approach is more cost-effective and comprehensive than is possible by continuing the decentralized approach that has been in use.

The University of Hawai‘i Information Security Program is comprised of the following strategic areas:

  • Data Governance and Oversight
  • Information Security Audits & Risk Assessments
  • Information Security Policies & Procedures
  • Identity Management & Access Controls
  • Information Security Training and Awareness

Information Security Governance Structure

Additionally, the University has established an Information Security Governance Structure. This leadership group is tasked with ensuring that all information security policies, procedures and other initiatives are implemented and maintained within their authorities. This leadership group is comprised of senior campus administrators (appointed by their Chancellors) and IT Security Leads (technology support staff designated by their campus leadership or dean/director). This leadership group meets each semester and once during summer.