Vulnerability Management Program at RIT
In order to reduce information security risks, RIT conducts periodic vulnerability assessments that consist of scanning computers campus-wide for high-risk exposures. In addition, the ISO or its designee may scan as needed for vulnerabilities that are under attack.
What is RIT scanning for?
The vulnerability assessments will include scans of communication services, operating systems, and applications to identify high-risk system weaknesses that could be exploited by intruders. These exploits have the potential to compromise the confidentiality, integrity or availability of RIT information resources.
Which computers may be scanned?
All computers connected to the Institute campus... ...
Private Information Management Initiative (PIMI) Overview
The Private Information Management Initiative seeks to identify and reduce the amount of Private Information found on RIT computers and storage devices. Private information is information that is typically used to conduct identity theft and may include Social Security Numbers (SSNs), credit card numbers, driver’s license numbers, bank account information, etc.
Reducing the amount of Private Information (PI) will help safeguard the RIT community against identity theft and will help RIT comply with relevant state and federal laws.
- Increase awareness of the importance of safeguarding all private information, not just SSNs
- Increase awareness ... ...
Since 2001, the RIT Information Security Office, in partnership with other community stakeholders, has been a leader in managing information security risk and building community resiliency through:
Ensuring only those with sufficient privileges may access certain information.
Ensuring information is whole, complete, and uncorrupted.
Ensuring access to information without interference or obstruction.
Provide leadership to the RIT community in safeguarding the confidentiality, integrity and availability of RIT’s information resources.
What We Do
- Security Policies & Standards
- Risk Management Framework
- Structure and Resources
Risk Management Framework