Office of Research Security Overview
The Office of Research Security (ORS) works closely with the SBU community to promote education, awareness, and compliance with complex federal regulations around disclosure of external relationships, protection of research from undue foreign influence, export control and sanctions, data security, and international engagements.
SBU Research Community
SBU research community must minimize risk to themselves and the institution by ensuring they understand their role and responsibilities in research security:
- Understand and comply with relevant research security and export control regulations, policies and procedures.
- Protect sensitive research data from unauthorized disclosure.
- Properly classify research data to appropriate sensitivity levels.
- Utilize appropriate data storage and access controls.
- Implement appropriate safeguards.
- Report potential vulnerabilities.
- Submit full, accurate and timely disclosures of outside professional activities.
- Remain vigilant about malign foreign influence.
- Recognize and report suspicious activities and behaviors.
- Practice safe online behaviors.
- Complete required training and maintain appropriate records.
- Communicate with the ORS when you have questions. When in doubt, err on the side of caution and ask.
What is Research Security?
There are four main areas of importance related to research security. Each area is briefly discussed below - review the information on each area's website for assistance with risks, guidance, and best practices.
University and Sponsor Disclosure Requirements
- Disclosure of external relationship, both domestic and international. These relationships must be transparent and disclosed in accordance with applicable federal sponsor agency guidance/policies and SBU policy/procedures.
The University and Sponsor Disclosure Requirements webpage includes information on SBU's disclosure requirements and processes, sponsor disclosure requirements (what needs to be in a biosketch, current & pending, and other support documents, receipt of gifts, and sponsor requirements for organizational conflict of interest.
Research Data Protection and Security
- Protection of intellectual property, research data, and materials, i.e., cybersecurity, physical security, review of international relationships and higher risk activities, use of appropriate agreements (e.g., material transfer, confidentiality, collaboration, data-use, visitor scientists).
The Research Data Protection and Security webpage includes information on security (based on the type and source of data), management, protection (rights in data), U.S. government prohibitions on IT related equipment
International Engagements
- Identification and mitigation of potential undue foreign influence when engaging in international research activities.
The International Engagements webpage includes information on what the U.S. government considers high-risk activities (Restricted Parties, Countries of Concern, Foreign Talent Recruitment Programs, Emerging & Critical Technologies) when engaging with international colleagues, partners, collaborators, sponsors, etc.
Export Control Regulations & Sanctions/Embargoes
- Compliance with export controls and sanctions/embargoes regulations.
The Export Control Regulations webpage includes information about disclosure, shipment, use, transfer, or transmission of any export controlled item, commodity, material, technical information, technology, software, or encrypted software for the benefit of a foreign person or foreign entity anywhere (including the transfer of controlled information within the U.S. “deemed export”) and transaction and the provision of services involving prohibited countries, persons or entities based on trade sanctions.
Research Security Training
Research security training is required for:
- All faculty involved in externally and internally funded research activities, and
- Any non-faculty that meet the definition of “covered individual” (42 USC § 19237(1)).
Research security training is highly recommended for:
- All faculty, staff, students, and others that are involved in any international engagements.
More information is available on the Research Security Training Website
Office of Research Security (ORS)
The ORS team provides support with the following types of issues:
- Disclosure of foreign collaborations and relationship
- Export control compliance/guidance and licensing
- International travel
- Hosting visiting researchers on campus
- Foreign government talent recruitment programs (international appointments)
- Review international research activities to assess risk from undue foreign influence
- Research data protection and security guidance and best practices
- Guidance on federal sponsor risk review processes/policies
- Compliance with contractual cybersecurity requirements
Webinars, Reviews, and 1:1 Meetings
Request a Research Security Review - NetID Login Required
Attend a Research Security or Export Control Webinar - View the Schedule
Schedule a Meeting with a Research Security Professional
Newsletters and Campus Correspondence
ORS disseminates important information and updates from the federal government and federal sponsor agencies through newsletters and campus correspondence.
Newsletters and Campus Correspondence are available here.
Awareness (external resources)
Awareness resources/materials from external sources shared to assist SBU faculty, staff, and students in understanding how to practice research security - areas covered Academic Solicitation, Intelligence Threats, and Travel Security.
SBU Policies
Many campus policies are related to an effective research security program. These policies are discussed and referenced throughout these pages.
- Responsible Use of Information Technology Resources
- Disclosure of External Interests & Commitments Policy
- Export Control Policy
- Information Security Program Administration Policy
- Cyber Incident Response Policy
- Sensitive Information Classification Policy
- Additional Division of Information Technology policies
- Policy on Data and Devices for International Travel
- Guests/Visitors Policy
- Research Data Ownership, Retention, & Access Policy
- Physical and Electronic Access Control Policy
- Provost's Office: Approval Process for Faculty Members who are Offered Appointments at Foreign and Domestic Institutions
- Provost's Office: Outside Consulting Work
- University Travel Policy
U.S. Federal Government Policies and Guidance Documents
Since 2019, the U.S. federal government has issued requirements and guidance for Research Security Programs. These requirements include cybersecurity, international travel security, export control compliance, foreign talent programs, and proper disclosure external activities, in-kind and other support.
Current and historical information is available here.
Report concerns related to research security
If after reviewing the information provided on this website or any other research security resources it is believed that a research security violation may have occurred use the below resources:
- EthicsPoint: Reports may be submitted via SBU's secure third-party confidential reporting system by web and mobile devices or telephone (see information provided below). Select the "Export Control/Research Security Concern" type. Reports may be submitted anonymously. Mobile & Web Report is available or you may report by phone at (833) 223-7024
OR
- You may e-mail or call (631-632-1954) the Director of Research Security.