About Us

The Cybersecurity and Privacy unit in the Division of IT provides the University with support for identity and access management; incident response; payment card processing security; awareness and training; and data security. We are also home to the Cybersecurity Internship Program and research security consulting services. If you have questions about any content you see here or need additional support, please contact us at the Division of IT Central Helpdesk at: or (970)-491-7276.

IT Security Policies

IT security practices are specified in policies approved by the ITEC Advisory Council (IAC), updated at least annually and posted at the Office of Policy and Compliance:

Identity and Access Management

Incident Response

Departments at Colorado State University have access to Incident Response materials and training to assist in responding to a variety of cybersecurity breaches.

Credit Card Security (PCI-DSS Compliance)

Merchants at Colorado State University that take credit card payments for goods and services are required to comply with the Payment Card Industry Data Security Standard (PCI-DSS), whether conducting e-commerce, mail-order/telephone-order, mobile, or retail transactions.

Awareness and Training

Information security is everyone’s responsibility. Every person who interacts with our University computers, our networks, or handles information of any kind, plays a part in ensuring that data and those services are protected. Being aware of risks and defenses is the first step to responding appropriately as well as protecting yourself and the University.

The CSU Cybersecurity Training and Awareness Platform is where students, faculty, and staff can complete the annual CSU Cybersecurity Training. This training is designed to help our community understand the importance of cybersecurity and provide best practices to help protect individuals and the university from cyber threats. Questions? Please reach out to our Security Training Specialist, Kelly Poto,

See CSU Pueblo’s Information Security Awareness page for tips on avoiding scams, keeping passwords safe, and more.

Data Security

Preserving and ensuring the confidentiality, integrity and availability of sensitive information are the hallmarks of information security. In addition, certain federal, state, local and university regulations may apply depending on the type of data and application. For more information about securing research, please visit the pages below:

Cybersecurity Internship Program

In 2018, the Division of IT established a Cybersecurity Internship that is open to Undergraduate students. Students in the program learn about cybersecurity concepts and work with professional level security tools to support our security posture at Colorado State University.

Interested in participating or have questions? Get in touch with us at:

Secure Your Data and Devices

CSU provides secure off-campus access to on-campus resources via the GlobalProtect gateway, also known as a Virtual Private Network (VPN).  GlobalProtect VPN provides a secure and encrypted tunnel between your device and the CSU network that enforces the use of recent, more secure operating system versions.  The VPN is reachable via the GlobalProtect desktop client or via the web interface (Fort Collins: | Pueblo: 

Duo is a tool that provides two-factor authentication to better protect your account by requiring an additional piece of information beyond your username and password. When you access certain CSU System services – including Microsoft 365 applications (OneDrive, Teams, etc.) and university email accounts, VPN, using both the GlobalProtect desktop agent/client and – you will be required to use a device that you have (mobile phone, desk phone, or a hardware token) to provide an additional layer of security to your account. This is done by receiving a push authentication request through the Duo Mobile App, a phone call, or entering a generated code. Intro to DUO and Why CSU uses it

Antivirus & Malware

Microsoft Email Encryption

Distributed IT Tools