Network

Requirements for Faculty/Staff

Requirements for Faculty and Staff

Security Standards

... ...
Standard When does it apply?
Desktop and Portable Computer Standard Always
Password Standard Always
Information Access & Protection Standard Always

Forms, Checklists, and Templates

Forms, Checklists, and Templates

Many forms and checklists below are provided as Adobe PDF Fill-in forms and can be filled in and printed from Acrobat Reader. 

NOTE: These forms may contain Javascript. If you need a different format, please contact the RIT Information Security Office at Infosec@rit.edu or call 585-475-4123.

... ...

Form Name

Use

Exception Request Form

To request an exception from an RIT Security Standard (PDF Fill-In form)

Non Disclosure Agreement (NDA)

Optional NDA used at

Desktop and Portable Computer Security Standard

To protect the RIT community and the Institute network from computer-borne threats, RIT has created minimum security requirements for desktop and laptop computers.

Desktop and Portable Computer Standard

  • Current Desktop/Portable Computer Standard (reflects 2015 operational changes, supersedes previous version, effective 1/23/15)

What does it apply to?

  • All RIT-owned or leased computers.
  • Any computer (physical or virtual) connecting to the RIT network through a physical, wireless, dial-up, or VPN connection.

The standard is not required for:

The following devices should employ these controls... ...

Security Assessment Tools

The following tools should be used in combination to conduct security assessments.

Unified vulnerability management enterprise solution
 
 
Network Vulnerability Scanner
 
... ...

Printer Best Practices

Printers often handle RIT Confidential information, but they can easily be overlooked when securing a network. Use the following best practices to secure any printers you support:

  • Update the firmware.
  • Assign a password for web access to the printer.
  • Change the SNMP community strings. (These are the equivalent of printer "passwords." "Public" and "private" are the defaults and are widely known.)
  • Disable any unused protocols. (Do you really need Novell IPX enabled, etc?)
  • If possible, change the default TCP port from 9100 to another port number. (Specific exploits target the default port and may cause the printers to print blank pages. However,
  • ... ...