Risk Management

Assessing and Managing Risk

Beacon is our easy-to-use risk assessment platform. The ISO provides vulnerability scanning, penetration testing, and confidential information discovery through the platform. This also includes annual risk assessment and device registration guidance for Technical Support Professionals (TSPs). Use your NetID to log on through SSO. Accessible only from the campus network or via the Remote Access VPN.

Risk Lifecycle vector

Risk Lifecycle

All risk has a lifecycle and must be checked regularly. The frequency of these reviews depends on the type of information resources and sensitivity of the data it handles. Ongoing risk assessments for certain objects should be expected by Information Resource Owners. This section provides a breakdown of process and gives a visual reference for resource owners. 

Third-party cloud services vector

Unauthorized Services

Unauthorized third-party, cloud hosted services are not permitted on the Texas State network. The university must maintain clear contractual agreements with vendors to protect state agency data and unauthorized vendors provide no such protections. This section explains the prohibitions, policies, and best practices regarding third-party, cloud hosted services. Read more about what this means and how it applies.

Information Security Glossary

The information security glossary is a searchable and filterable glossary of terms and definitions we use in all aspects of our work. Familiarize yourself with this terminology to deepen your understanding of information security at Texas State University.