Server Security Standard
The Server Standard provides requirements for server configuration and use at RIT.
A list of ISO-approved security assessment tools, HIPS programs, secure protocols, and a sample trespassing banner can be found in the Technical Resources
What does the standard apply to?
All servers (including production, training, test, and development) and the operating systems, applications, and databases as defined by this standard.
The standard does not apply to individual student-owned servers or faculty-assigned student servers for projects; however, administrators of these servers are encouraged to meet the Server Standard.
Recommended Strong Authentication Practices
The RIT Information Security... ...
Vulnerability Management Program at RIT
In order to reduce information security risks, RIT conducts periodic vulnerability assessments that consist of scanning computers campus-wide for high-risk exposures. In addition, the ISO or its designee may scan as needed for vulnerabilities that are under attack.
What is RIT scanning for?
The vulnerability assessments will include scans of communication services, operating systems, and applications to identify high-risk system weaknesses that could be exploited by intruders. These exploits have the potential to compromise the confidentiality, integrity or availability of RIT information resources.
Which computers may be scanned?
All computers connected to the Institute campus... ...