System Administrator

Cyber-Security Incident Handling Standard

Submitted by ISO Admin on Mon, 08/14/2017 - 11:22

Cyber-Security Incident Handling Standard

RIT has created a process for handling computer incidents to ensure that each incident is appropriately resolved and further preventative measures are implemented.

Cyber-Security Incident Handling Standard

Who does the standard apply to?

  • The standard primarily applies to administrators of RIT-owned or leased computing devices.
  • The standard also applies to users of personally-owned or leased devices should the incident involve RIT resources.

What is an incident?

Incidents include the following types of events:

  • Physical loss of a computing device
    • ... ...

Technical Resources

Submitted by ISO Admin on Thu, 03/02/2017 - 10:05

Technical Resources

This section of the website contains links to tools and documentation specifically for use by administrators. Scroll to the bottom of the page to access these resources.

What are my responsibilities as an administrator?

You are responsible for ensuring that all web resources, computers, servers, network devices, and any other types of computing devices that you support comply with all published standards.

You are also responsible for prompt reporting of computer incidents to the ISO in accordance with the Computer Incident Handling Standard.

Computer Incident Handling Resources

Server Security Standard

Submitted by ISO Admin on Fri, 12/09/2011 - 14:03

Server Security Standard

The Server Standard provides requirements for server configuration and use at RIT.

A list of ISO-approved security assessment tools, HIPS programs, secure protocols, and a sample trespassing banner can be found in the Technical Resources

What does the standard apply to?

All servers (including production, training, test, and development) and the operating systems, applications, and databases as defined by this standard.

The standard does not apply to individual student-owned servers or faculty-assigned student servers for projects; however, administrators of these servers are encouraged to meet the Server Standard.

Recommended Strong Authentication Practices

The RIT Information Security... ...

Network Security Standard

Submitted by ISO Admin on Fri, 12/09/2011 - 13:58

Network Security Standard

The Network Security Standard provides measures to prevent, detect, and correct network compromises. The standard is based on both new practices and best practices currently in use at RIT.

Please consult the checklist or the standard below for a complete list of requirements.

Who does it apply to?

All systems or network administrators managing devices that:

  • Connect to the centrally-managed Institute network infrastructure
  • Process Private or Confidential Information
 

Currently, personal network devices used on the RIT residential network (such as routers, switches, etc.) do not need to meet the Network Security Standard. However, the... ...