Prevention

Desktop and Portable Computer Security Standard

To protect the RIT community and the Institute network from computer-borne threats, RIT has created minimum security requirements for desktop and laptop computers.

Desktop and Portable Computer Standard

  • Current Desktop/Portable Computer Standard (reflects 2015 operational changes, supersedes previous version, effective 1/23/15)

What does it apply to?

  • All RIT-owned or leased computers.
  • Any computer (physical or virtual) connecting to the RIT network through a physical, wireless, dial-up, or VPN connection.

The standard is not required for:

The following devices should employ these controls... ...

Host Intrusion Prevention (RIT-owned/leased computers only)

Note: This requirement applies only to RIT-owned and leased computers. There is currently no requirement for personally-owned machines to run host intrusion prevention.

Currently, personal networking devices used on the RIT residential network (such as routers, switches, etc.) do not need to meet the Network Security Standard. Resnet has created separate guidelines for Using a Router/Wireless Router on the RIT Network.

The following products have all been tested by the Information Security Office and approved for use on RIT-owned/leased computers.

Recommended Host-based Intrusion Prevention Software

Server

... ...

Program

RIT Faculty and Staff Responsibilities

Private Information Management Initiative -- Faculty and Staff Responsibilities

All RIT faculty and staff are expected to follow the Private Information Management Initiative (PIMI) remediation requirements below:

  • Review paper files for Private information.
  • Scan RIT computers with Identity Finder for Private information (if Identity Finder is not available, scanning with an alternative tool or reviewing the computer for Private Information is recommended). Information Technology Services (ITS) will initiate scans of most computers monthly.
  • Scan or review personal/home computers, portable devices, and media for Private information (e.g., Social Security Number, Bank Account Number, Credit Card Number or Drivers License).
  • Inform your manager
  • ... ...