Information

Requirements for Faculty/Staff

Requirements for Faculty and Staff

Security Standards

... ...
Standard When does it apply?
Desktop and Portable Computer Standard Always
Password Standard Always
Information Access & Protection Standard Always

Cloud Computing Best Practices

We've provided some general information below about cloud computing. At RIT, information handling requirements (including the use of non-RIT servers for storage) are articulated in the Information Access and Protection Standard. Refer to the standard for more information about storage restrictions based on information classification.

There are certainly some benefits to cloud computing, but the practice of saving content on the Internet is facing more scrutiny than ever. While there is no silver bullet solution to securing your cloud service, understanding how you can protect yourself is the best way to keep your information private.

Keep up to date... ...

Private Information Management Initiative (PIMI) FAQ

Updated 2/25/2015.

Jump to:

General

Responsibilities

Scanning/Results

Non-Windows

Questions


General

What is the Private Information Management Initiative?

The Private Information Management Initiative (PIMI) is a program where the RIT Information Security Office helps RIT faculty and staff scan their computers and attached drives to determine if they contain private information (PI). When PI is found, each RIT faculty and staff member is responsible for remediating the private information by scrubbing or shredding the files.

The program also includes destruction of paper files containing nonessential PI.

The goals of the program are to... ...

Exception Process and Compliance

Updated 6/11/14

Anyone not in compliance with an Information Security Standard is subject to sanctions including suspension of computer and network privileges and/or the full range of current Institute personnel and student disciplinary processes.

In a small number of circumstances, it may not be possible to comply with an Information Security Standard.   The Information Security Office has provided the following method for obtaining an exception to compliance with a published information security standard.  Exceptions should be approved and signed by the appropriate Information Trustee (VP, Dean, or CIO).  (An email endorsing the exception request is acceptable.)

An exception MAY be granted by... ...

Plain English Guide to the Information Security Policy

Plain English Guide to the Information Security Policy 

RIT has issued an Information Security Policy. The Policy provides the strategic direction needed to implement appropriate information safeguards for RIT information and the Institute network. This Plain English Guide provides explanation and illustration of the Policy and is provided as an aid to help you understand and implement the requirements of the Policy. The Policy itself is authoritative. The policy is effective immediately.

Why did RIT issue the policy?

The Policy authorizes RIT to take reasonable measures to protect RIT information and computing assets in an age... ...