The Network Security Standard provides measures to prevent, detect, and correct network compromises. The standard is based on both new practices and best practices currently in use at RIT.
Please consult the checklist or the standard below for a complete list of requirements.
Who does it apply to?
All systems or network administrators managing devices that:
Connect to the centrally-managed Institute network infrastructure
Process Private or Confidential Information
Currently, personal network devices used on the RIT residential network (such as routers, switches, etc.) do not need to meet the Network Security Standard. However, the use of wireless routers is prohibited... ...
The Information Access & Protection (IAP) Standard provides requirements for the proper handling of information at RIT.
The standard classifies information into four categories: Private, Confidential, Internal, and Public.
Private information is information that is confidential and which could be used for identity theft. Private information also has additional requirements associated with its protection (e.g., state and federal mandates). Examples include:
Social Security Numbers (SSNs) or other national identification numbers
Driver’s license numbers
Financial account information (bank account numbers, checks, credit or debit card numbers), etc.
Confidential information is information that is restricted to a need-to-know... ...
Phishing is a form of social engineering where the attacker attempts to trick people into revealing private information by sending spoofed e-mails that appear to be from reputable companies. Phishing e-mails provide a link to a seemingly authentic page where you can login and reveal your username, password and other personal identifying information (PII)." Online scammers can then use this information to access your accounts, gather additional private information about you, and make purchases or apply for credit in your name.