Information

Information Security at RIT

Since 2001, the RIT Information Security Office, in partnership with other community stakeholders, has been a leader in managing information security risk and building community resiliency through:

Confidentiality
Ensuring only those with sufficient privileges may access certain information.

Integrity
Ensuring information is whole, complete, and uncorrupted.

Availability
Ensuring access to information without interference or obstruction.


Our Mission

Provide leadership to the RIT community in safeguarding the confidentiality, integrity and availability of RIT’s information resources.

What We Do

  • Security Education, Training, and Awareness
  • Alerts/Advisories
  • Forensics/Investigations
  • Security Policies & Standards
  • Risk Management Framework
  • Structure and Resources

Risk... ...

Requirements for Faculty/Staff

Requirements for Faculty and Staff

Security Standards

... ...
Standard When does it apply?
Desktop and Portable Computer Standard Always
Password Standard Always
Information Access & Protection Standard Always

Information Access & Protection Standard

Information Access & Protection Standard

The Information Access & Protection (IAP) Standard provides requirements for the proper handling of information at RIT.

Information Classifications

The standard classifies information into four categories: Private, Confidential, Internal, and Public.

Private information

Private information is information that is confidential and which could be used for identity theft. Private information also has additional requirements associated with its protection (e.g., state and federal mandates). Examples include:

  • Social Security Numbers (SSNs), Individual Taxpayer Identification Numbers (ITINs), or other national identification numbers
  • Driver’s license numbers
  • Financial account information (bank account numbers, checks, credit or debit card numbers), etc.

Confidential... ...

Security Education, Training, & Awareness

Security Education, Training, & Awareness

Information security is a complex and constantly changing field that individuals at every level of the organization need to keep pace with in order to keep RIT information resources secure.  RIT offers the following education training and awareness programs to assist everyone from end user to system administrators to keep current with information security trends.

Academic Education

  • The GCCIS Department of Computing Security provides a variety of information security courses at the graduate and undergraduate level.

Training

  • Orientation sessions: The ISO often provides introductory information security training and materials at new student and new
  • ... ...

Keeping Safe

Keeping Safe: Guidelines and Best Practices

Not sure how to keep yourself, your information, and your devices safe? Click on the headings below for best practices, resources, and more; also be sure to check out our blog for more specific content, answers to your information security questions, and best practices guides!

... ...

Subject Area

Comments

Securing your Computer

Free downloads and instructions to support the Desktop and Portable Computer Standard.

Mobile Devices

Learn how to