Skip to main content

About

Colleges and universities amass a great deal of information. Most of this information is now collected, processed, and stored on computers and transmitted across networks. In some cases, protecting this information is a legal requirement and in others, it is necessary to be compliant with industry standards such as PCI or HIPAA.

For Radford University, the Code of Virginia as well as certain U.S. Codes require that effective IT security measures be in place.  The Information Security Officer is responsible for developing, coordinating and managing the University’s information security program. The ISO duties are as follows:

  1. Develop and manage an information security program in a manner commensurate with risk.
  2. Develop and manage an Intrusion Detection System (IDS) program in a manner commensurate with risk.
  3. Develop and maintain an information security awareness and training program for University IT users with access to sensitive systems, networks or data, including contractors and IT service providers. Require that all sensitive IT system users complete required IT security awareness and training activities prior to, or as soon as practicable after, receiving access to sensitive systems, and no less than annually, thereafter.
  4. Verify and validate that all University IT systems, networks and data are classified for sensitivity and maintain awareness of the security status of sensitive IT systems.
  5. Implement and maintain the appropriate balance of preventative, detective and corrective controls for University IT systems commensurate with data sensitivity, risk and systems criticality.
  6. Mitigate and report all IT security incidents in accordance with 2.2-603 of the Code of Virginia and take appropriate actions to prevent recurrence.
  7. Provide solutions, guidance, and expertise in IT security matters.
  8. Review and approve System Security Plans that provide adequate protections against security risks or disapprove System Security Plans that do not provide adequate protections against security risks, and require that the System Owner implement additional security controls on the IT system to provide adequate protections against security risks.
  9. Perform annual internal reviews and vulnerability assessments for all identified sensitive systems.
  10. Develop and lead Computer Security Incident Response Team (CSIRT) to prepare for intrusions and threats.
  11. Provide annual role-based training to system owners, data owners, system administrators and application administrators.

Digital Millenium Copyright Act (DMCA)

The Digital Millennium Copyright Act (DMCA) is a United States copyright law that criminalizes unauthorized access to and distribution of copyrighted works. It also criminalizes the act of circumventing access controls, whether or not there is actual infringement of copyright. The DMCA strengthens the penalties for copyright infringement on the Internet.

In addition to violating the University's Acceptable Use Policy [PDF], unauthorized distribution of or access to copyrighted material, including peer to peer file sharing, may subject students, faculty, and staff to civil and criminal liabilities.

The Information Security Officer (ISO) is the Registered DMCA Agent for Radford University and is listed as such in the United States Copyright Office Directory of Service Provider Agents. In order to be considered a valid DMCA notification, copyright holders must submit DMCA notifications to the ISO. Upon receiving a valid DMCA notification, the ISO will actively investigate and report findings to the Dean of Students (for alleged student infringement) or Human Resources (for alleged faculty/staff infringement) for review and possible disciplinary actions.

Radford University encourages and supports the use of legal downloading services. Educause maintains a list of these services.

    Apply NowPlan a Visit