Best Practice

Security Assessment Tools

The following tools should be used in combination to conduct security assessments.

Unified vulnerability management enterprise solution
 
 
Network Vulnerability Scanner
 
... ...

Printer Best Practices

Printers often handle RIT Confidential information, but they can easily be overlooked when securing a network. Use the following best practices to secure any printers you support:

  • Update the firmware.
  • Assign a password for web access to the printer.
  • Change the SNMP community strings. (These are the equivalent of printer "passwords." "Public" and "private" are the defaults and are widely known.)
  • Disable any unused protocols. (Do you really need Novell IPX enabled, etc?)
  • If possible, change the default TCP port from 9100 to another port number. (Specific exploits target the default port and may cause the printers to print blank pages. However,
  • ... ...

Host Intrusion Prevention (RIT-owned/leased computers only)

Note: This requirement applies only to RIT-owned and leased computers. There is currently no requirement for personally-owned machines to run host intrusion prevention.

Currently, personal networking devices used on the RIT residential network (such as routers, switches, etc.) do not need to meet the Network Security Standard. Resnet has created separate guidelines for Using a Router/Wireless Router on the RIT Network.

The following products have all been tested by the Information Security Office and approved for use on RIT-owned/leased computers.

Recommended Host-based Intrusion Prevention Software

Server

... ...

Program

Document Destruction

Document Destruction

Updated June 11, 2014

Why Have Document Destruction Activities?

Document Destruction Activities provide a focused opportunity for RIT faculty and staff to archive securely or dispose of paper records that contain private information. Private Information includes financial account numbers, social security numbers, driver’s license numbers and other information that can be used in identity theft. Participation in this activity will enable RIT to secure Private Information that could otherwise be used to facilitate identity theft. Document Destruction Activities are part of the RIT Private Information Management Initiative,... ...

Backing Up Your Data

Backing Up Your Data

What is a data backup?

Backing up data is the process of copying files and folders to a separate secure location for the purpose of restoring them in case of data loss. Losing data is harmful to both individuals and companies as it may result in months’ or years’ worth of work if the information is destroyed and otherwise unrecoverable. Within the last few years, data loss has become a huge issue because of the rise of ransomware, a dangerous malware capable of encrypting a user’s data so that the data cannot be recovered... ...