Security Assessment Tools

The following tools should be used in combination to conduct security assessments.

Unified vulnerability management enterprise solution
Network Vulnerability Scanner
... ...

Threat Management

In order to reduce information security risks, the RIT Information Security Office (ISO) actively works to identify threat agents that are seeking to exploit vulnerabilities in the environment.   This  consist of scanning network traffic for threats.  For more information please contact the Information Security Officer. Current Internet Threats

Vulnerability Management Program at RIT

Vulnerability Management Program at RIT

In order to reduce information security risks, RIT conducts periodic vulnerability assessments that consist of scanning computers campus-wide for high-risk exposures. In addition, the ISO or its designee may scan as needed for vulnerabilities that are under attack.

What is RIT scanning for?

The vulnerability assessments will include scans of communication services, operating systems, and applications to identify high-risk system weaknesses that could be exploited by intruders. These exploits have the potential to compromise the confidentiality, integrity or availability of RIT information resources.

Which computers may be scanned?

All computers connected to the Institute campus network, including but not limited... ...

PIMI Overview

Private Information Management Initiative (PIMI) Overview

The Private Information Management Initiative seeks to identify and reduce the amount of Private Information found on RIT computers and storage devices. Private information is information that is typically used to conduct identity theft and may include Social Security Numbers (SSNs), credit card numbers, driver’s license numbers, bank account information, etc.

Reducing the amount of Private Information (PI) will help safeguard the RIT community against identity theft and will help RIT comply with relevant state and federal laws. 


  1. Increase awareness of the importance of safeguarding all private information, not just SSNs
  2. Increase awareness
  3. ... ...

Information Security at RIT

Since 2001, the RIT Information Security Office, in partnership with other community stakeholders, has been a leader in managing information security risk and building community resiliency through:

Ensuring only those with sufficient privileges may access certain information.

Ensuring information is whole, complete, and uncorrupted.

Ensuring access to information without interference or obstruction.

Our Mission

Provide leadership to the RIT community in safeguarding the confidentiality, integrity and availability of RIT’s information resources.

What We Do

  • Awareness
  • Alerts/Advisories
  • Forensics/Investigations
  • Security Policies & Standards
  • Risk Management Framework
  • Structure and Resources

Risk Management Framework

... ...