Case Study: Minnesota State Colleges and Universities achieves comprehensive, system-wide IT security and compliance with NetSPI

NetSPI partnered with MnSCU to develop organizational and campus-based IT security programs

Minnesota State Colleges and Universities (MnSCU), one of the nation’s largest higher-education systems with 34 colleges serving approximately 250,000 students, faced the challenge of creating a definitive yet flexible system-wide and campus-based IT security and compliance program. To address risks from open-access academic environments, campus Wi‑Fi, student usage, and multiple regulatory regimes (PCI, HIPAA, FERPA), MnSCU engaged NetSPI to provide ongoing security consulting and assessment services, including Strategic Program Review, ISO 17799-based policy and standards development, Compliance-Based Assessment, and Security Assessment Program Development.

NetSPI implemented a long-term, customized engagement (partnering since 2002) that combined technical assessments, policy development, and program rollout across campus and system levels, including regular presentations to CIOs and campus committees. As a result, NetSPI helped MnSCU establish an executable security and compliance framework applied across 34 colleges and ~250,000 students, improved alignment with regulatory requirements, and delivered recommendations that leadership, technical teams, and internal/external auditors judged to be practical and broadly applicable.

Minnesota State Colleges and Universities

Bev Schuft

Director of Information Security