Private

Private Information Management Initiative (PIMI) FAQ

Jump to:

General

Responsibilities

Scanning/Results

Non-Windows

Questions


General

What is the Private Information Management Initiative?

The Private Information Management Initiative (PIMI) is a program where RIT Information Technology Services helps RIT faculty and staff scan their computers and attached drives to determine if they contain private information (PI). When PI is found, each RIT faculty and staff member is responsible for remediating the private information by scrubbing or shredding the files.

The program also includes destruction of paper files containing nonessential PI.

The goals of the program are to identify and reduce... ...

PIMI Overview

Private Information Management Initiative (PIMI) Overview

The Private Information Management Initiative seeks to identify and reduce the amount of Private Information found on RIT computers and storage devices. Private information is information that is typically used to conduct identity theft and may include Social Security Numbers (SSNs), credit card numbers, driver’s license numbers, bank account information, etc.

Reducing the amount of Private Information (PI) will help safeguard the RIT community against identity theft and will help RIT comply with relevant state and federal laws. 

Goals

  1. Increase awareness of the importance of safeguarding all private information, not just SSNs
  2. Increase awareness
  3. ... ...

Mobile Devices

Mobile Devices

Mobile devices are not always designed with security in mind and, as a result, are not as secure as most computers.

There are a number of ways in which information on a mobile device may be breached: theft of the device, attacks on your service provider, wireless hijacking or "sniffing", and unauthorized access. Because mobile devices may be more easily stolen or compromised, users of these devices must take precautions when using them to store or access Private or Confidential information. 

Private Information... ...

Virtual Private Networks

Virtual Private Networks

A Virtual Private Network (VPN) is a technology that allows for secure transmissions across the Internet between two networks by using a secure "virtual tunnel." Without using VPN, data (including passwords and confidential information) transmitted via the Internet is exposed and can be intercepted by third parties.

VPN should always be used to access RIT resources that are normally unavailable to users outside of the wired Institute network (such as department-specific services and network shares). This means that unless you are at a wired machine on campus, you must connect to the Institute network using VPN if... ...

Computer Incident Handling Standard

Computer Incident Handling Standard

RIT has created a process for handling computer incidents to ensure that each incident is appropriately resolved and further preventative measures are implemented.

Computer Incident Handling Standard

Who does the standard apply to?

  • The standard primarily applies to administrators of RIT-owned or leased computing devices.
  • The standard also applies to users of personally-owned or leased devices should the incident involve RIT resources.

What is an incident?

Incidents include the... ...