The IT Security Office will regularly scan for vulnerabilities on Virginia Tech's network to help identify potential problems that could result in data disclosures, illegal usage, weak systems that are attractive for attacks, etc.
Security reviews are also conducted on a regular basis for areas that are required by policy (or law) to verify a secure operating environment. For example, requirements from the Payment Card Industry (PCI) for systems that collect credit card data, HIPPA in terms of health related information, and others.
In all these cases, the IT Security Office will follow-up by contacting and working with areas to eliminate problems that may be discovered.
Areas may request security reviews be done in a specific area by contacting Randy Marchany at: marchany@vt.edu
To better understand the steps take during a security review please refer to the following documents.