IPAS - Information Privacy and Security Project Team

Printer-friendly versionPrinter-friendly version
Team ID: 
College / Administrative Unit: 
Finance and Business
Information Technology Services (ITS)
Date Started: 
January 2008
The IPAS project is a University-wide mission to enhance the data security practices at Penn State. The primary project goal is to assure the privacy of critical information and to comply with internal policies and external regulations affecting Penn State.

There are two phases of the IPAS project; Phase I is to achieve Payment Card Industry Data Security Standards (PCI DSS) compliance for all approximately 150 credit card merchants. Phase II will increase our overall data security posture at Penn State.

IPAS has worked towards achieving University-wide Payment Card Industry Data Security Standard (PCI DSS) compliance over the past year. Phase I progress is measured by the compliance level of administrative areas. Inventory assessment on 47 admin areas was completed early 2007; 240+ technical, financial and administrative staff have been trained on Phase I initiatives; remediation plans were received from all admin areas processing credit cards; centralized services such as PSUPay and ITS firewall enhancements (NAT and multi-port) were developed based on customer needs and a Working Group committee was formed to make recommendations on University-wide privacy and security efforts. IPAS will soon be moving into Phase II, which deals with the protection of Penn State data classified as sensitive either to the institution or the individual. IPAS is working to raise the awareness of the University as a whole to operate in a more secure manner; overall protecting Penn State staff, faculty and students.

Contact Person: 
Mike Leach
  • Mike Leach, Project Manager
  • Craig Henniger, Member
  • Kathy Kimball, Member
  • David Lindstrom, Member
  • Lorraina Snook, Member
  • Jenn Stewart, Member