Support
An ITCS technician will respond to support requests during regular operating hours.
Phone: 252-328-9866 / 800-340-7081
Submit a Ticket
Overview
We Help You Choose Compliant, Compatible Technology
ITCS evaluates new and existing technology for colleges/departments to ensure compatibility with ECU’s platforms and infrastructure (network, application and environmental controls) to identify any potential security threats. This assessment also includes verification of compliance regarding Protected Health Information (HIPAA), Academic (FERPA), SSN/PII (ITPA), Credit Card Numbers (PCI), and other sensitive data types.
When is a Technology Security Assessment Necessary?
- Department purchases a new technology
- Requisition – Materials Management submits the assessment request.
- ProCard – The department submits the assessment request.
- Department already owns a technology, and…
- …the technology has never been assessed. The department submits the assessment request.
- …the technology’s use case has altered, and a re-assessment is necessary. Cloud-based solutions utilizing sensitive data are reviewed ANNUALLY or during renewal cycle. The department submits the assessment request.
- Department is contemplating a software purchase (department submits the assessment request)
Related Links
Software Accessibility Review Request - Complete this request to have a software purchase reviewed for accessibility based on Section 508 guidelines and W3C Content Accessibility Guidelines.
Available To
Faculty, Staff, Researchers
Get Started
What Information Do You Need?
Required information for a cloud-based solution:
- Vendor’s geographic location or third-party data center
- Vendor’s (or third party’s) security policy
- Authentication process and user login URL
- The software’s auditing capabilities
- Username and password configuration including encryption methods
- Data encryption details in both transit and storage
- Your Business Continuity Plan if the software/application is unavailable
- Hosting entity’s Disaster Recovery Plan
- Hosting entity’s report or letter certifying a successful SSAE16 or SOC report issued by a credentialed auditing firm within the last year
Required information for a hosted, onsite solution:
- Authentication process
- Software’s auditing capabilities
- Data storage location
- Username and password configuration plus encryption methods
- Your Business Continuity Plan if the product is unavailable
Related Policies and Guidelines
Fees
No fees are associated with this service.