Securing Research Data at ASU
Arizona State University employs a comprehensive, multi-tiered strategy to ensure the security of research data, aligning with national standards and evolving regulatory demands.
Data Security Areas
- Data classification and access controls
- Cybersecurity frameworks (e.g., NIST 800-171, CMMC)
- Network security and monitoring
- Endpoint protection (devices, systems)
- Secure data storage, transfer, and backup
- Incident response and breach management
- User training and IT policy enforcement
Data Security Support Guidance
Please do not assume that the KE Research Technology Office supports all data security needs across the university. Many departments have their own designated support resources.
If the appropriate data security point of contact (POC) is unknown, the Contract Officer (CO) should first reach out to the Research Administrator (RA) or Principal Investigator (PI) to determine if a POC has been assigned.
If no POC is identified, please refer to the Enterprise Technology (ET) Routing Matrix, which is the closest available resource to a university-wide support directory. You can search by department, and responses are organized by office rather than individual staff:
If no departmental support is available, please submit a ticket to the Research Technology Office via the following service portal:
Research Compliance often flags when sensitive data protections are required (e.g., for human subjects or export-controlled work), but doesn’t enforce IT controls. They do oversee compliance with Export Control Technology Plans in accordance with US export regulations.
IT Security then works to implement the appropriate technical safeguards (e.g., encryption, access control).