Suppliers and Vendors (Cyber)

The request was successful.

Dear Oxford Brookes University,

Under the freedom of information act 2000. I write to obtain the following details:

1) Name and role for IT Manager(s) / Officer(s) primarily responsible for cyber security

2) Names of all cyber security providers you work with and buy from

3) Names of all cyber security vendor(s) you use

3b) Renewal date for the above vendor(s)

3c) Cost and duration for the above contract(s)/license(s)

3d) For what purpose do you use the vendor
(E.g. Firewalls E.g.2 Anti-virus E.g.3 Vulnerability scanning)

4) Number of websites owned by the University

Many thanks,
James Noland

Suzanne Van Duijnhoven, Oxford Brookes University

Dear Mr Noland,

Freedom of Information Act Request - our reference 2017-160

Thank you for your email dated 04/09/2017 requesting information from
Oxford Brookes University about Suppliers and Vendors of Cyber Security. 

The University will respond on or before 02/10/2017,  the date on which
the 20 working day response period permitted by the Freedom of Information
Act ends.

I may need to contact you again if the request needs to be clarified; this
is to ensure that we provide you with the information you require.

Please note that in certain cases some information you have requested may
not be provided to you; this will only be information that can be withheld
by law. In these cases the reasons will be explained to you along with
your copy of any information that can be released to you.

Yours Sincerely

--
Suzanne van Duijnhoven
Information Compliance Officer
IT Services
Oxford Brookes University
Phone: 01865-485420  
[1]IT strategy  [2]IT Services website  [3]IT policies
My usual working hours are Monday 09.00-15.00, Tuesday 09.00-17.00 and
Wednesday from 09.00-15.00.

References

Visible links
1. https://www.brookes.ac.uk/obis/it-strate...
2. https://www.brookes.ac.uk/obis/
3. https://www.brookes.ac.uk/obis/informati...

Suzanne Van Duijnhoven, Oxford Brookes University

Dear Mr Noland,

Freedom of Information Act Request - our reference 2017-160

Further to your email of 04/09/2017 asking for information from Oxford
Brookes University about Suppliers and Vendors of Cyber Security, I am
able to provide the following information in response to your request.

You asked:

1) Name and role for IT Manager(s) / Officer(s) primarily responsible
for cyber security

Answer:

Gareth Packham, Head of Information management
Tim Loveday, Network & Security Manager

You asked:

2) Names of all cyber security providers you work with and buy from

Answer:

Actica Consulting
NCC Group
Sophos
Khipu

You asked:

3) Names of all cyber security vendor(s) you use

Answer:

Juniper
Sophos
Mcafee

You asked:

3b) Renewal date for the above vendor(s)

Answer:

Juniper - contract ends 31/07/2018

Sophos - contract ends 22/02/2018

Mcafee - no contract

You asked:

3c) Cost and duration for the above contract(s)/license(s)

Answer:

Juniper - cost  £21.924,- - contract duration 5 years (started
01/08/2013)

Sophos - cost £13.680,- - contract duration 1 year (started
28/02/2017)

Mcafee - no contract

You asked:

3d) For what purpose do you use the vendor (E.g. Firewalls E.g.2
Anti-virus E.g.3 Vulnerability scanning)

Answer:

Juniper - Firewall
Sophos - Anti-Virus
Mcafee - Anti-Virus

You asked:

4) Number of websites owned by the University

Answer:

In order to provide a reply to this question the following
considerations are made:

- everything with .[1]brookes.ac.uk in its domain is taken to be part of
the same website

- Websites owned in partnership with other organisations are excluded

- Websites that are not hosted on University infrastructure are excluded

- Google sites set up by staff and students are excluded
- Intranets / internal sites are excluded

With these considerations the number of websites owned by Oxford Brookes
University is 4. 

If this information does not address your requirements under the Freedom
of Information Act or you wish to complain about any aspect of the
handling of this request, then you should contact the undersigned in the
first instance. Should you remain dissatisfied, then you may apply for an
internal review by contacting the Director of Corporate Affairs at Oxford
Brookes University, Headington Campus, Gipsy Lane, Oxford OX3 OBP
(email: [2][email address] ).  Your request for internal review
should be submitted to us within 40 working days of receipt by you of this
response. 

During the independent review the handling of your information request
will be reassessed by staff who were not involved in providing you with
this response. If you remain dissatisfied with the handling of your
request or complaint, you have a right to appeal to the Information
Commissioner at The Information Commissioner's Office, Wycliffe House,
Water Lane, Wilmslow, Cheshire SK9 5AF. Further contact information and
details of the role and powers of the Information Commissioner can be
found on the Commissioner's website: [3]http://www.ico.org.uk/ 

Please note that the Information Commissioner is unlikely to investigate
your case until the University’s internal review process has been
completed.

Yours sincerely,

--
Suzanne van Duijnhoven
Information Compliance Officer
IT Services
Oxford Brookes University
Phone: 01865-485420  
[4]IT strategy  [5]IT Services website  [6]IT policies
My usual working hours are Monday to Thursday from 09.00-15.00.

References

Visible links
1. http://brookes.ac.uk/
2. mailto:[email address]
3. http://www.ico.gov.uk/
4. https://www.brookes.ac.uk/obis/it-strate...
5. https://www.brookes.ac.uk/obis/
6. https://www.brookes.ac.uk/obis/informati...