HECVAT toolkit helps higher education institutions assess cloud adoption risks

2020-02-05 06:30

Before settling on a solution they must assess it for security and privacy needs, including some that are unique to higher education.

To help them do that more expeditiously, EDUCAUSE - a US nonprofit association that aims to advance higher education through the use of information technology - has created HECVAT: the Higher Education Community Vendor Assessment Toolkit.

About HECVAT. "The HECVAT provides a suite of questionnaires about information security and privacy controls to help higher education institutions appropriately assess third party and cloud services," Brian Kelly, Director of the Cybersecurity Program at EDUCAUSE, told Help Net Security.

Its benefits for the former are obvious, and for the latter, it reduces the burden that service providers face in responding to requests for unique security risk assessments from higher education institutions.

"As adoption and use grow, the EDUCAUSE member-led Higher Education Information Security Council, Internet 2, and the REN-ISAC will continue to collaborate and work on the HECVAT to meet the needs of the higher education community. While established amongst information security practitioners, we'll be promoting the HECVAT's use to university business officers, risk managers and procurement groups over the next year."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/T0XMwNW4TvA/

#cloud