Keep CMU Safe and Secure

Value Statement

Through proactive, systematic monitoring and risk mitigation, OIT protects the CMU community against a range of physical and virtual threats. OIT strives to make its security efforts as transparent as possible to students, faculty, and staff, while still ensuring compliance with legal requirements and appropriate protection for CMU data and systems.

Service Components

Access Control Lists (ACL)

  • ACLs provide a framework of security that can be used to restrict or grant access to files, programs, network ports, etc.

Identity Management

  • Each student, faculty, and staff member is provisioned with a unique "Global" account ID. The Global ID grants access to account information, e-mail, and other various systems.

Emergency Notification

  • Central Alert is a managed, automated notification system used for broadcasting emergencies and announcements, both localized and campus-wide.  


  • Technology-specific forensics play a key role in the safety and security of CMU sensitive information and can be used as a tool in the event of a breech of security.

Malicious Code Protection

  • Malicious code protection provides the framework necessary to set policies and procedures referencing malicious code and protects CMU systems from such code.

Network Bandwidth Quota Monitoring

  • This system is used for monitoring bandwidth usage for computers registered on the network; when the bandwidth used exceeds the quota allocated, the quota system restricts any over-quota computer to only intranet network access.

Network Firewall

  • The network firewall sets an enterprise-wide IT security policy and governance framework, which monitors and restricts unwanted or unauthorized connections to the CMU network.

Network Intrusion Detection System

  • The design, implementation, and support for CMU's enterprise-wide IT security policy and governance framework.

Network Registration

  • This system enforces a network registration process that is required to connect a personal computer to CMU's network; each personal computer on the network must be registered to a Global ID before gaining production network access.

Physical Access Control

  • This service includes a centrally hosted and managed campus-wide security system. Each security area has the ability to take advantage of a larger, ubiquitous system while maintaining autonomous control over the individual area.

Security Consulting

  • OIT provides consulting services relating to securing various forms of technology. Security consulting may consist of desktop security, data security, or application security.

Security Incident Response

  • The Computer Security Incident Response Team (CSIRT) is a service organization that is responsible for receiving, reviewing, and responding to computer security incident reports and activity.

SPAM Filtering

  • The SPAM monitoring system is in place to scan inbound and outbound mail to identify malicious or otherwise unwanted messages. It uses criteria to generate a score that determines if a message is rejected due to unacceptable content.

Video Surveillance

  • This service includes both standalone video systems as well as digital systems that are integrated directly with the access control security system. Each area has the ability to take advantage of a larger ubiquitous system while maintaining autonomous control over the individual area.

Virtual Private Network

  • System in place to allow tunneled and encrypted connections to CMU's network; allows for off-campus computers to access CMU's internal network.