System Administrator

Technical Resources

This section of the website contains links to tools and documentation specifically for use by administrators. Scroll to the bottom of the page to access these resources.

What are my responsibilities as an administrator?

You are responsible for ensuring that all web resources, computers, servers, network devices, and any other types of computing devices that you support comply with all published standards.

You are also responsible for prompt reporting of computer incidents to the ISO in accordance with the Computer Incident Handling Standard.

Information Security Standards and Policy

Computer Incident Handling Resources

Security Checklists

Exceptions

The Information Security Office has provided a method for obtaining an exception to compliance with the published security standards.

Questions

If you have any questions or feedback about specific information security requirements, please e-mail us at infosec@rit.edu.

Tags:

Server Security Standard

The Server Standard provides requirements for server configuration and use at RIT.

A list of ISO-approved security assessment tools, HIPS programs, secure protocols, and a sample trespassing banner can be found in the Technical Resources

What does the standard apply to?

All servers (including production, training, test, and development) and the operating systems, applications, and databases as defined by this standard.

The standard does not apply to individual student-owned servers or faculty-assigned student servers for projects; however, administrators of these servers are encouraged to meet the Server Standard.

Recommended Strong Authentication Practices

The RIT Information Security Office recommends that all systems requiring strong authentication

comply with RIT's password and authentication standard (REQUIRED)
use a complex password of 12 or more characters. Fifteen or more characters are preferred.
use multi-factor authentication such as:
- tokens
- smart cards
- soft tokens
- certificate-based authentication (PKI)
- one-time passwords (OTP)
- challenge / response systems
- biometrics

Approved Vulnerability Scanners

Nessus, Nexpose, and NMap are approved for scanning servers at RIT. For information on the scanning conducted by the RIT Information Security Office see the Vulnerability Management Program at RIT.

Approved Encryption Methods

See Encryption at RIT for approved encryption methods.

Server Security Standard

Server Security Standard (pdf) (eff. 8/1/09)
Server Security Checklist (eff. 8/1/09)
Server Security Plain English Guide (eff. 8/1/09)

Tags:

Network Security Standard

The Network Security Standard provides measures to prevent, detect, and correct network compromises. The standard is based on both new practices and best practices currently in use at RIT.

Please consult the checklist or the standard below for a complete list of requirements.

Who does it apply to?

All systems or network administrators managing devices that:

Connect to the centrally-managed Institute network infrastructure

Process Private or Confidential Information

Currently, personal network devices used on the RIT residential network (such as routers, switches, etc.) do not need to meet the Network Security Standard. However, the use of wireless routers is prohibited in residential areas on campus. The use of wired routers is still acceptable. Read and comply with the requirements in the Resnet guide to Using a Router on the RIT Network prior to using them.

See our Wireless Networking page for information on how to access wireless networks at RIT and how to set up and use a wireless network at home.

What do I need to do?

Use the Network Security Checklist to set up your networking device.

Network Security Standard

Because of the technical nature of this standard and its audience, we have not created a Plain English Guide. Network administrators should consult the Technical Resources pages for detailed information, including preferred and prohibited protocols, trespassing banners, etc.

Network Security Standard (pdf)

Network Security Checklist (pdf)

Tags:

Computer Incident Handling Standard

RIT has created a process for handling computer incidents to ensure that each incident is appropriately resolved and further preventative measures are implemented.

Report a Computer Incident

Who does the standard apply to?

The standard primarily applies to administrators of RIT-owned or leased computing devices.
The standard also applies to users of personally-owned or leased devices should the incident involve RIT resources.

What is an incident?

Incidents include the following types of events:

Physical loss of a computing device (including storage devices)
Detection of unauthorized users accessing a computing device
Discovery of malware on a computing device
Discovery of critical vulnerabilities or improper configuration that could result in a breach of information

What do I have to do?

Everyone	If the incident involves the loss or theft of a device containing Private, Confidential or Operationally Critical information, you must immediately file a report with Public Safety.
Self-supported users	If the device contains Private, Confidential or Operationally Critical information, contact your support organization immediately. If the device does not contain Private, Confidential or Operationally Critical information, you can attempt to resolve the issue on your own.
Users supported by Systems Administrators	Contact the ITS HelpDesk if you cannot resolve the problem on your own. If they discover high risk threats, they will engage the Computer Incident Handling process Report any suspicious computer activity to your support organization. Anything from a drastic slowdown in computer performance to something as simple as the cursor moving around on its own constitutes suspicious activity.
System Administrators	Report the incident to the Information Security Office. Read and understand the Computer Incident Handling Standard and the process flow chart before an incident occurs! Quick action is essential to minimizing damage, so know what needs to be done ahead of time. Visit the Systems Administrators Resources page to find tools and additional information