Note: This requirement applies only to RIT-owned and leased computers. There is currently no requirement for personally-owned machines to run host intrusion prevention.
Currently, personal networking devices used on the RIT residential network (such as routers, switches, etc.) do not need to meet the Network Security Standard. Resnet has created separate guidelines for Using a Router/Wireless Router on the RIT Network.
The following products have all been tested by the Information Security Office and approved for use on RIT-owned/leased computers.
Recommended Host-based Intrusion Prevention Software
Media Disposal Recommendations
Use a shredder. Crosscut is preferred over a strip shredder.
Disposal of paper records containing Private or Confidential information should be accomplished by crosscut (or better) shredding, placement in a locked document destruction bin, or through vendor-supplied services under a contract approved by Purchasing.
CD, DVD, diskette, etc.
Use the media shredder (located at the ITS HelpDesk, 7B-1113).
If the hard drive is to be reused, contact
Printers often handle RIT Confidential information, but they can easily be overlooked when securing a network. Use the following best practices to secure any printers you support:
- Update the firmware.
- Assign a password for web access to the printer.
- Change the SNMP community strings. (These are the equivalent of printer "passwords." "Public" and "private" are the defaults and are widely known.)
- Disable any unused protocols. (Do you really need Novell IPX enabled, etc?)
- If possible, change the default TCP port from 9100 to another port number. (Specific exploits target the default port and may cause the printers to print blank pages. However, ... ...
Encryption at RIT
Several RIT Security Standards refer to ISO-approved encryption. ISO-approved encryption is divided into two categories: Preferred and Acceptable. Preferred encryption methods were chosen based on standard industry usage and their ability to support RIT business processes. RIT's current product is McAfee FDE.
RIT Security Standard
Network Connections (including web browsers)