Search Google Appliance

Information Technology

Foundational Information Security Controls Project Overview

In order to reduce risk to university business processes and to support the campus mission, UMass IT is engaging the campus in implementing foundational information security controls (anti-virus, patch management, encryption, firewalls) on university computers.

In 2014 the Chancellor tasked Vice Chancellor for Information Services and Strategy, Julie Buehler, to implement four foundational information security controls (anti-virus, patch management, encryption, firewalls) on all university owned desktops and laptops as part of the overall information security program.  Simultaneously, the Chancellor instructed the Campus Leadership Council to lend their support to this process. 

A robust information security program is necessary for effective business operations and continuity, regulatory compliance and risk management.  A security program includes administrative measures (institutional policy), technical controls (security software and hardware) and physical security (secure physical access to systems and data).

At this stage of the development of Internet security, anti-virus, patch management, encryption, and firewalls are standard foundational information security controls applied to computer systems.  All users of the network or any UMass Amherst information technology systems are responsible for the maintenance of appropriate and secure use of those resources, including the adoption and upkeep of these foundational technical controls.

UMass IT is engaging the campus in an ongoing project to implement these foundational information security controls on university owned desktop and laptop computers. We look forward to partnering with colleges/departments/units to complete this project, which is in overall support of the UMass Amherst mission by reducing risk and potential disruptions.

If have any questions about this project, please contact Jake Cunningham ( 


UMass Amherst IT is currently engaged in a project to implement security controls for desktop and laptop management in academic and administrative departments on campus. The most critical security controls include:

  • Anti-virus software
  • Patching & central management of University-owned computers
  • Encryption
  • Firewalls