Services

Web Security Standard

Submitted by ISO Admin on Thu, 01/25/2018 - 14:13

Web Security Standard

The Web Standard provides measures to prevent, detect, and correct compromises on web servers that host RIT Confidential information or use RIT Authentication services. The standard includes configuration and documentation requirements.

Documented Standard

  • Current Web Security Standard (reflects 2015 operational transition, supersedes previous version, comply by 1/23/15)
  • NOTE: As of 12/5/2014, SSL is no longer considered to be secure.

When am I required to follow the standard?

  • If you own, administer, or maintain
    • ... ...

Security Standard: Solutions Life Cycle Management

Submitted by kdbiso on Thu, 07/17/2014 - 15:16

Security Standard: Solutions Life Cycle Management

 

 

 

Scope

 

The standard applies to new IT services (including third-party and RIT-hosted, and software as a service) that meet any one or more of the following:

 

  • host or provide access to Private or Confidential information
  • support a Critical Business Process

 

 

Requirements

 

The following security controls are required to be implemented.

 

1.      Engagement

 

1.1.   Contact the Information Security Office and ITS prior to investigating, evaluating, selecting, or developing a new... ...