Requirements for Faculty and Staff
- Read and understand the RIT Code of Conduct for Computer and Network Use and the RIT policy regarding Digital Copyright.
- In addition to compliance with all standards and policies, administrators should refer to the Resources section for implementation configurations, guidelines, and best practices.
Make sure you understand and comply with all applicable standards.
Security Standards
| Standard | When does it apply? |
|---|---|
| Desktop and Portable Computer Standard | Always |
| Password Standard | Always |
| Information Access & Protection Standard | Always |
| Cyber-Security (Computer) Incident Handling Standard | Always |
| Portable Media Standard | If you are storing Private or Confidential information on portable media, such as USB keys, CDs, DVDs, and flash memory. If you must store Private information on portable media, the media must be encrypted. |
| Web Security Standard | If you have a web page at RIT, official or unofficial, and you:
|
| Signature Standard | If you are sending out an e-mail, MyCourses, or Message Center communication relating to Institute academic or business purposes. This applies to both RIT and non-RIT e-mail accounts. |
| If you own or administer any production, training, test, or development server, and/or the operating systems, applications or databases residing on it. | |
| Network Security Standard | If you own or manage a device that:
|
| Account Management |
|
| Solutions Life Cycle Management | RIT departments exploring new IT services (including third-party and RIT-hosted, and software as a service) that meet any one or more of the following:
|
| Disaster Recovery | For business continuity and disaster recovery. Applies to any RIT process/function owners and organizations who use RIT information resources. NOTE: The “in compliance by” date for this standard is January 23, 2016. |
All instances of non-compliance with published standards must be documented through the exception process.
Information Handling Quick Links
| Link | Overview |
|---|---|
| Digital Self Defense 103 - Information Handling | Covers important security issues at RIT and best practices for handling information safely. |
| Disposal Recommendations | How to safely dispose of various types of media to ensure RIT Confidential information is destroyed. |
| Recommended and Acceptable Portable Media | List of recommended and acceptable portable media devices (such as USB keys, CDs, DVDs, and flash memory). |
| Mobile Device Usage Recommendations | Recommendations for mobile device usage at RIT |
| VPN | Recommended for wireless access to RIT Confidential information. |
| E-mail at RIT | Improve the security of your e-mail at RIT. |
Safe Practices
- Visit our Keeping Safe section to find security resources and safe practices and to see our schedule of upcoming workshops.
- Find out more about how information security affects you by becoming a Fan of the RIT Information Security Facebook page.
- Follow us on Twitter for updates on current threats.
Questions
If you have questions or feedback about specific information security requirements, please contact us.