As campuses deploy or identify cloud services in use, they need to ensure the cloud services are appropriately assessed. Many campuses have established a cloud security assessment methodology and have the resources to assess many of their cloud services, but few campuses have sufficient resources to assess all cloud services. A HEISC working group was formed with EDUCAUSE, Internet2, and REN-ISAC members to develop the Higher Education Cloud Vendor Assessment Tool (HECVAT), which was published in late 2016. Please join the creators of this tool to discuss goals for the HECVAT, how the tool was developed, and how to adopt the tool and integrate it into your institution's security assessment process. This is a deep dive/advanced level session.
Outcomes: Learn about the working group and how to participate in higher ed shared assessments * Learn about implementing the HECVAT at your institution * Gain insight into future efforts of the working group and how to contribute to them
Associate Vice President CIO & CISO, Baylor University
Information Security Manager, Indiana University
Program Manager, Security and Identity, Internet2
Chief Information Security Officer, University of Idaho
Policy and Compliance Coordinator, Carnegie Mellon University