You may submit a case study using the submission form. Instructions are included below. Please note that each submission will be reviewed by the Higher Education Information Security Council (HEISC) before it is posted in the appropriate location on this wiki.
Description of Case Studies
Case studies are descriptions of real-world, practical, proven solutions to information security challenges implemented by one or more institutions. The intent of these case studies is to provide ideas for approaches which may be adopted or adapted to another school's particular situation.
By filling in a relatively simple form, a case study is written up and submitted to the Higher Education Information Security Council (HEISC). Once received, it is typically reviewed by one or more of the HEISC working groups, including the guide's Editorial Board. This vetting process gives the institution submitting the case study an opportunity to answer questions or add content that enhances its value.
Submitting a case study not only documents a successful institutional approach to information security, as well as providing useful guidance to other institutions, it also gives the author(s) the opportunity to publish.
Instructions for submitting a case study using the Submission Form:
- Download the submission form
- Fill in all of the required fields (Note: All fields are required except Notes and Alternate E-mail)
- Check the box beneath the Intellectual Property Agreement
- Print and/or save a copy for yourself (optional)
- Submit the completed form via e-mail to firstname.lastname@example.org
- The case study submission will be reviewed by the appropriate HEISC working groups, as well as the Information Security Guide Editorial Board
- If changes are needed, a working group member or EDUCAUSE staff liaison will contact you and provide further instructions
- Once approved, the case study will be linked on the appropriate topic pages (chapters) of this guide
Case Study Submission Directory
Below is a complete list of case study submissions that are referenced throughout the site (look for this symbol: ). To contribute examples of practices that have been effective in your institution, please use the submission form.
- Application Security for Database Administrators (2011)
- Application Security for Developers and Quality Assurance Personnel (2011)
- Building ISO 27001 Certified Information Security Programs at the University of Tampa (2017)
- Developing a Certification Authority for PKI at Virginia Tech (under review, 2017)
- Enhancing Application Security with a Web Application Firewall (2011)
- Identity Finder at The University of Pennsylvania (2017)
- Whole Disk Encryption Evaluation and Deployment at Baylor University (2008)
Questions or comments? Contact us.
Except where otherwise noted, this work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (CC BY-NC-SA 4.0).