State University of New York

 

Skip to Content

Login   Subscribe   Site Index   Contact Us   Google Translate™

NYS Comptroller

THOMAS P. DiNAPOLI

Taxpayers' Guide to State and Local Audits

State University of New York
College of Nanoscale Science and Engineering
Network Security Controls


Issued: April 25, 2013
Link to full audit report 2012-S-28

Purpose
To determine whether the network security controls at the College of Nanoscale Science and Engineering (College) are sufficient to minimize the various risks associated with unauthorized access to, or attacks on, College systems and data. Our audit period was April 18, 2012 through December 19, 2012.

Background
The College is a global education, research, development and technology operation resource dedicated to preparing the next generation of scientists and researchers in nanotechnology. The College is a unit of the University at Albany (the University), one of the four University Centers of the State University of New York (SUNY). It maintains the most advanced research complex of its kind at any university in the world. The College has a number of business relationships with both public and private organizations. As part of these relationships, the College facilitates the management and processing of financial, legal, research, and numerous other types of data. The security of this data and its supporting systems is critical. The New York Office of Cyber Security’s Information Security Policy defines a set of minimum security requirements that are considered best practices for all State entities, including SUNY campuses.

Key Finding

  • In addition to the security measures established by the University, the College has implemented its own controls that protect the security of systems and data. Our audit identified further enhancements for implementation.

Key Recommendation

  • Implement enhancements to the College’s network security that were identified during the audit.

Other Related Audits/Reports of Interest

State University of New York at Albany: Network Security Controls (2004-S-23)
Department of Civil Service: Network Security Controls (2011-S-7)


State Government Accountability Contact Information:
Audit Director: John Buyce
Phone:(518) 474-3271; Email: StateGovernmentAccountability@osc.state.ny.us
Address: Office of the State Comptroller; Division of State Government Accountability; 110 State Street, 11th Floor; Albany, NY 12236