The EOTSS Enterprise Security Office, is responsible for keeping the Commonwealth’s data private and secure, accurate, and available to those who need it. We monitor the state’s networks, maintaining constant vigilance relative to the current threat landscape, and we use  industry-standard best  practices and programs to ensure the strongest possible security posture.  

There are four teams in our office. Each team has a unique purpose, but together, they create a comprehensive layered defense approach in order to maintain the highest possible security standards.

  • Compliance Assurance Office — Works to ensure that state agencies follow the IT policies,  procedures, and state and federal laws which pertain to information systems.
  • Enterprise Policy Team — Develops best practices and policies for Executive Branch agencies to follow, and also provides guidance for other entities as they develop their own policy framework.
  • Security Assessment and Consulting Group — Evaluates the technology tools and system architecture used by the Commonwealth as systems are being developed in order to weigh risk and ensure the highest security standards possible.
  • Security Access and Threat Assessment Response/Remediation Team — Watches over the state’s networks and partners with federal counterparts to resolve security-related issues and respond to inquiries relative to cyber hygiene.

Each of these teams serves an important function for the Commonwealth’s information security efforts.

We invite you to explore our website for more information on how we’re continuously working to protect Massachusetts’ technology systems. And please contact us with any questions regarding the Commonwealth’s information security programs.  

Visit the EOTSS Blog and browse our webpage for more information.