Related Links

Cedric Bennett

Ced Bennett is Illumant's higher education practice leader and provides partner-level consulting to our clients. Ced has worked in senior management in higher education IT for thirty years. As Emeritus Director, Information Security Services for Stanford University, he led a department tasked with building awareness and driving change in individual and organizational behavior with regard to increasing institutional information security. Prior to joining Stanford he held IT leadership positions in the electronics, wholesale/retail, health care, and IT services industries.


Higher Education Advisory Services

As universities tighten their budgets, they face mounting risks to the security of sensitive data. Universities have unique challenges maintaining security and compliance in a decentralized and open computing environment.

We understand the specific needs of higher education institutions. Our experts have been helping universities overcome their risk management challenges with tailored solutions for over 10 years. We are

Featured solutions for universities:

  • Security Assessment - Our suite of security assessment cover everything from vulnerabilities, security posture, policies and procedures, critical servers and infrastructure, and wireless deployments. (Learn more.)
  • Departmental Risk Assessment - Compare and contrast the level of exposure and risk between individual academic and administrative units. Evaluate the effectiveness of security measures.
  • Data Loss Prevention (DLP) - Prevent the disclosure of sensitive information. Expand your security and control capabilities. We have the rare expertise to help you select, implement, and maximize the value of a DLP solution in a cost-effective way. (Learn more).
  • Compliance Services - We have a strong track record and deep expertise in helping clients meet their regulatory compliance requirements. Regulations include PCI, HIPAA, FERPA, GLBA, SOX, and SB1386. We also have expertise with accepted security practices and regulations, such as ISO27002.

Other services:

  • Business Continuity Disaster Recovery Planning and Implementation - Plan, deploy and test back-up and recovery strategies. Mitigate the risk of a disaster before it's too late. (Learn more.)
  • Security Program Development - We can help you design (or redesign) a comprehensive top-down information security program, including policies, procedures, and controls, to drive repeatable security practices. We also advise on security architecture and technical issues. (Learn more).
  • Business Process Re-engineering - Redesign processes surrounding sponsored programs, HR, accounting, information technology and security to address compliance and control risk.

Clients served:

  • Bowdoin College
  • Stanford University
  • Duke University
  • Cornell University
  • UCLA
  • UC Santa Cruz
  • Santa Clara University
  • California State University

Case Studies

On-demand Security Assessments

A large private university's information security office retained Illumant to perform on-demand security assessments of all major application implementations, prior to actual deployment. We reviewed the security of the application itself, the underlying infrastructure, and the deployment plan, and we communicated our findings to university executives, information security managers, and project teams.

Unit-by-unit Risk Assessment

An Ivy Plus university engaged Illumant to conduct a risk assessment of each of its academic and administrative units. We inventoried the sensitive information at each unit, evaluated each unit's exposure to various threats, and estimated the impact of security breaches. We delivered our findings to the executive board and proposed risk mitigation strategies in conjunction with an action plan.