Welcome to
Information Security

The Information Security Office provides leadership to the RIT community in safeguarding the confidentiality, integrity and availability of RIT’s  information resources.

Learn more »

Are you the
Weakest Link

Get information on how to safely remove private information from your devices and stay protected. The chain of security is in your hands.

Learn more »

Guard your
Private Information

The Private Information Management Initiative (PIMI) seeks to identify and reduce the amount of private information found on RIT computers and storage devices.

Learn More »

Learn about

The ongoing evolution of digital communication also brings about the evolution of scammers and their methods. Phishing is one kind of such fraud, in which the attacker masquerades as a reputable individual or group, in order to trick users into revealing their private information. Check out our resources to learn how not be baited and reeled in!

Learn more »


Important Message from Faculty/Staff Phishing Email

A little over a week ago, RIT users were targeted in a phishing attack that masqueraded as important messages. The links provided in the email messages resembled our myinfo page.

Here’s one of the variants below. You’ll note that although the end of the link is myinfo.rit.edu, the first part of the link is to a location in Brazil. Clicking on that link would take you to the website that mimics myinfo.rit.edu, not to the RIT site. 

From: INTERNAL ACCOUNT NAME [mailto:address@rit.edu]

Sent: Wednesday, October 19, 2016 3:56 PM... ...

Millions of Email Accounts Compromised

If you haven’t already, you should change your RIT and other email account passwords right now. Last week, Hold Security found that millions of Yahoo Mail, Gmail, and Hotmail account credentials were being traded in the criminal underworld. The culprit that managed to obtain these stolen credentials is a Russian hacker, known only as “the Collector”, who seems to be offering up the information mostly for free.

The majority of stolen accounts were from Russia’s popular email service, Mail.ru. Also compromised were approximately 40 million Yahoo Mail accounts, 33 million Microsoft Hotmail accounts, and 24 million Gmail account credentials.... ...

Benefits of Using a Password Manager

Using a password manager is the easiest way to keep your personal and private information safe. A password vault stores your passwords securely, allowing you to save the information in the cloud or on your personal computer. This allows you to use truly random combinations in all of your passwords, making them much harder for malicious users or bots to crack. Password managers also protect you from giving away private information inadvertently. In fact, there are multiple reasons you should be using a password manager right now.

Remember Only One Password

A password manager stores all of your passwords in... ...

How to Manage Passwords for Optimal Security

When it comes to passwords, the longer the better. However, even if you have created a secure password, re-using it is the quickest way to undermine your security. If you reuse a password for multiple accounts, it is only as strong as the least secure service/website it is being used on. No matter how strong your passwords, if you do not take steps to handle them properly, your personal and private information can be compromised. Follow the tips below to help you manage your passwords.

Don’t Write Critical Passwords Down

If you have to write something important like your banking... ...

How to Create Strong Passwords

As you have probably heard, using strong passwords is important. This is because strong passwords can protect you from some very serious incidents such as having your online reputation hacked, your money taken, and/or your identity stolen. If you are unsure what constitutes a strong password, please refer to the RIT Password Standard. Below are some additional strategies to help you create a strong password that is easy to remember.

General Method

  • No one agrees on an exact minimum password length, but generally between 10 and 14 characters is a good length. Anything longer is even better, but it
  • ... ...