The University of Hawai'i System encompasses 10 accredited campuses and additional education, training, and research centers on six islands throughout the State of Hawaii. This highly decentralized and complex organization is dedicated to the highest standards of scholarship and service, which requires an open flow of information and communication.
Unfortunately, the emergence over the last decade of increasing abuse by criminals of personal information used by universities such as social security numbers and credit card or other banking information has challenged the decentralized culture of free flow of information. In today's world, access to personal information must be restricted to only those uses where it is necessary and close guarded wherever it is stored or used. Those individuals whose personal information has been entrusted to the University deserve no less.
While information security has long been the responsibility of each campus, as of 2011 the University leadership has committed to establishing and resourcing a new systemwide information security program. This approach is more cost-effective and comprehensive than is possible by continuing the decentralized approach that has been in use.
The UH Information Security Program is comprised of the following strategic areas:
Additionally, the University has established an Information Security Governance Structure. This leadership group is tasked with ensuring that any information security policies, procedures and other initiatives are implemented and maintained within their authorities. This leadership group is comprised of senior campus administrators (appointed by their Chancellors) and IT Security Leads (technology support staff designated by their campus leadership or dean/director). This leadership group meets each semester and once during summer.