Not finding the answer to your question? Contact Michelle Bartonico at mmccullo@trinity.edu for program questions or the project manager for project-specific questions.
About the Program
CEP was initiated by the Executive Leadership Team in February 2024 to address the 4 major security gaps found in the 2023 Oculus IT audit. These gaps were identified as the most likely to occur and greatest impact – each costing the University more than $5M to recover from.
Who is at risk:
All students, faculty, and staff who use the Trinity network, engage with or share University data.
The University-wide file scan will only impact faculty and staff. Student files will not be scanned at this time.
What is at risk: Examples include student record data, personnel records, financial data, health information, and more.
The short answer is yes. Higher education has become more of a target in the past few years and, although Trinity has taken measures to protect itself against cybersecurity threats, hackers are increasingly sophisticated, and regulatory requirements are more restricted.
Think of Trinity as a house.
In this house, we have valuable items such as social security numbers, health information, credit cards, and student records. The doors to this house are locked and an alarm is in place. However, if someone successfully breaks in, our valuable items are scattered around the house and unprotected. To ensure our Trinity house is organized and safe from burglaries and misplaced items, we need to
1) inventory the valuable items,
2) organize them,
3) move sensitive items to a secure location, and
4) provide a key for approved people to access.
Steering Committee leadership:
Ben Lim, CEP Program Director and Chief Information Officer
Members:
Samantha Savoy, Manager Treasury & Financial Planning , Finance and Administration
Katharine Troyer, Director Collaborative Learning & Teaching , The Collaborative for Learning and Teaching
Jim Holzbach, Senior Director of Advancement Resources , Advancement Resources
Diana K. Young, Associate Professor, Finance & Decision Sciences
Rachel Joseph, Associate Professor, Human Communication & Theatre (rolled off in 2025)
Sheng Tan, Assistant Professor, Computer Science
Michelle Bartonico, Senior Strategist and Project Manager (Organizational Change Manager for CEP)
Project-level Details
Trinity purchased an automated tool that looks for patterns in Trinity's data and flags it for high-risk security gaps, e.g., social security numbers, health information, personnel records, and financial data.
If sensitive data is found during this scan, you will not be penalized.
The purpose of the file scan is to identify what sensitive data Trinity has, and where it is located, a University-wide file scan will be performed in late-Summer 2024. Faculty and staff will not be evaluated on the results of the scan, as the sole purpose is to scan Trinity's network for vulnerabilities. The file scan will only impact faculty and staff. Student files will not be scanned at this time.
If you receive an email with a file to review, follow these steps.
Step 1: Use the University record retention policy to identify the "low-hanging fruit" that you can delete. Record Retention Policy and the Record & Document Retention Schedule.
Step 2: Review with your department or supervisor to determine if the remaining files are in the proper folder. If you have any questions or need help, contact ITS at ITsupport@trinity.edu. The team will support you in sorting and moving files to the most appropriate location.
No. This Program was initiated as a result of an external cybersecurity audit. However, the Identity and Access Management and Data Management projects will need to consider how and where Trinity's sensitive data will be stored safely. Regardless of the outcome, faculty will be able to continue using Microsoft and Google for teaching purposes.