Network

Requirements for Faculty/Staff

Faculty and Staff

Information Handling Quick Links

Link Overview
Digital Self Defense 103 - Information Handling Covers important security issues at RIT and best practices for handling information safely.
Disposal Recommendations How to safely dispose of various types of media to ensure RIT Confidential information is destroyed.
Recommended and Acceptable Portable Media List of recommended and acceptable portable media devices (such as USB keys, CDs, DVDs, and flash memory).
Mobile Device Usage Recommendations Recommendations for mobile device usage at RIT
VPN Recommended for wireless access to RIT Confidential information.
E-mail at RIT Improve the security of your e-mail at RIT.

Safe Practices

  • Visit our Keeping Safe section to find security resources and safe practices and to see our schedule of upcoming workshops.

Questions

If you have questions or feedback about specific information security requirements, please contact us.

Requirements for Students

Requirements for Students

 

Standard

When does it apply?

Desktop and Portable Computer Standard

Always

Password Standard

Always

Signature Standard

Always - All authentic RIT communications should include an appropriate signature as per the standard. Make it a habit to check for an authentic signature when receiving messages from RIT.

Web Security Standard

If you have a web page at RIT, official or unofficial, and you:
  • Host or provide access to Confidential information. If you’re hosting or providing access to Private information, contact us at infosec@rit.edu immediately. Private or confidential information is defined in the Information Access and Protection Standard.
  • Use RIT authentication services

Computer Incident Handling Standard

If the affected computer or device:
  • Contains Private or Confidential information
  • Poses a threat to the Institute network

Network Security Standard

If you own or manage a device that:
  • Connects to the centrally-managed Institute network infrastructure
  • Processes Confidential information. If you’re providing access to Private information, contact us at infosec@rit.edu immediately.

Portable Media Standard

If you are storing Private or Confidential information on portable media, such as USB keys, CDs, DVDs, and flash memory.

Networking Devices

  • Currently, personal networking devices used on the RIT residential network (such as routers, switches, etc.) do not need to meet the Network Security Standard. Resnet has created separate guidelines for Using a Router/Wireless Router on the RIT Network.

Safe Practices

  • Visit our Keeping Safe section to find security resources and safe practices and to see our schedule of upcoming workshops.

Questions

If you have questions or feedback about specific information security requirements, please contact us.

Technical Resources

Technical Resources

This section of the website contains links to tools and documentation specifically for use by administrators. Scroll to the bottom of the page to access these resources.

What are my responsibilities as an administrator?

You are responsible for ensuring that all web resources, computers, servers, network devices, and any other types of computing devices that you support comply with all published standards.

You are also responsible for prompt reporting of computer incidents to the ISO in accordance with the Computer Incident Handling Standard.

Computer Incident Handling Resources

Security Checklists

Exceptions

The Information Security Office has provided a method for obtaining an exception to compliance with the published security standards.

Questions

If you have any questions or feedback about specific information security requirements, please e-mail us at infosec@rit.edu.

Forms, Checklists, and Templates

Forms, Checklists, and Templates

Many forms and checklists below are provided as Adobe PDF Fill-in forms and can be filled in and printed from Acrobat Reader. 

NOTE: these forms may contain Javascript. If you need a different format, please contact the RIT Information Security Office at Infosec@rit.edu or call 585-475-4123.

Form Name

Use

Exception Request Form

To request an exception from an RIT Security Standard (PDF Fill-In form)

Non Disclosure Agreement (NDA)

Optional NDA used at department discretion

RIT Systems Support Personnel Non Disclosure Agreement

Required for all systems support personnel

 

Checklist Name

Use

Desktop and Portable Computer Checklist General User

Compliance checklist for use by self-supported faculty, staff, and students.

Desktop and Portable Computer Checklist ITS-Supported Users Compliance checklist for use by ITS-supported faculty, staff, and students. (1/23/13)

Desktop and Portable Computer Checklist Systems Support

Systems support personnel compliance checklist for computers they support.

Server Security Checklist

Compliance checklist for use with the Server Security Standard

Network Security Checklist

Compliance checklist for use with the Network Security Standard

Web Standard Compliance Checklist

Compliance checklist for use with the Web Security Standard

 

Template Name

Use

MSWord RIT Confidential Template

For general marking of Confidential Information

MSWord RIT Internal Use Only Template

For general marking of Internal Information

Information Access and Protection Inventory Template (MS Excel)

For department use in creating an information inventory for Information Access and Protection.

 

Wireless Networking

Wireless Networking

Wireless logo

Wireless networks are generally considered to be less secure than wired networks; however, with proper configuration and encryption enabled, they can provide more than adequate security for most users. Read our Accessing Wireless Networks Safely Brochure to learn more and better protect your privacy.

Wireless at RIT

RIT offers three different wireless networks across campus: an open public network, an encrypted WPA network, and an encrypted WPA2 network. We strongly recommend using the WPA2 or WPA network at all times, as they provide much better quality and security for users. WPA2 is the preferred protocol, as it offers the best security.

The WPA and WPA2 network signals are not broadcast publicly, so your computer will not automatically detect them. ITS provides instructions on How to Access RIT’s WPA Wireless Network.

More information on wireless networking at RIT can be found on the ITS Wireless Computing at RIT page.

Residential Networking

Please note that the use of wireless network routers is not permitted in residential areas on campus. Use of wired routers is acceptable; however, you should read and comply with Resnet’s guide to Using a Router on the RIT Network prior to setup.

Wireless at Home 

Without a secure configuration, your wireless network is open to anyone within range of the access point (typically anywhere from 100-1000 feet). Anyone in your area can "piggyback" on your connection and use your Internet, which can lead to a number of problems such as service violations, bandwidth shortages, abuse, activity monitoring, or direct attacks to your computer.

Best Practices for Home Wireless Networks

  • Change Your Default SSID and Administrator Password (See About.com for overview, but process varies by manufacturer)
  • Disable SSID Broadcasting 
  • Enable WPA Encryption
  • Enable MAC Address Filtering (See About.com for overview, but process varies by manufacturer)
  • Keep Your Access Point Software Up-To-Date with Patches
  • Use Your Router's Built-in Firewall
  • Use File Sharing with Caution

Public Wireless Networks

Many public access points are not secured, and the traffic they carry is not encrypted. This puts your sensitive communications and transactions at risk. Because your connection is being transmitted "in the clear," malicious users can use sniffing tools, "shoulder surfing," or other methods to obtain information including passwords, bank account numbers, unauthorized computer access, and credit card numbers quite easily.

Best Practices for Public Wireless Networks

  • Avoiding Sending Sensitive Information (such as online banking, shopping, etc..) over a Wireless Network
  • Stay on Secure Websites (look for HTTPS and lock icon)
  • Encrypt Your Traffic
  • Connect Using VPN (Virtual Private Networking)
  • Disable File Sharing
  • Be Aware of Your Surroundings
 

 

Pages

Subscribe to RSS - Network