• F&A Home
• Search
• A-Z Index
• Directories
• MyRIT

• Students
• Faculty & Staff
• Systems Administrators Resources

• Resources
• Alerts/Advisories
• Digital Self Defense
• Safe Practices
• Projects & Services
• Standards & Policies
• Forms
• About Us/Contacts

Desktop and Portable Computer Security

To protect the RIT community and the Institute network from computer-borne threats, RIT has created minimum security requirements for desktop and laptop computers.

What's New in 2009?

As of August 1, 2009, the following changes in the Desktop and Portable Computer Standard will take effect:

• Scope now includes all machines (both personally-owned and RIT-owned) that connect to the Institute network. (Computers used solely to access web pages or webmail are still excluded).
• RIT-owned and leased computers:
• Laptops must employ whole-disk encryption (see http://security.rit.edu/laptopencrypt.html for more information).
• Computers must be auditable from centralized ISO-approved configuration and software management tools where available.
• A Host Intrusion Prevention System (HIPS) must be in place. See http://security.rit.edu/essentials.html for a list of recommended programs.
• Some form of anti-phishing control must be in place (see http://security.rit.edu/dsd/bestpractices/phishing.html for more information).
• Users must lock or log out of their computers when leaving them unattended.
• A user account with limited privileges must be used unless a divisional VP or dean has approved administrative access.

What does it apply to?

• All RIT-owned or leased computers.
• Any computer (physical or virtual) connecting to the RIT network through a physical, wireless, dial-up, or VPN connection.

The standard does not apply to:

• Computers used only to access RIT web pages, Webmail, etc. from off campus. (RIT recommends strongly that users follow the requirements of the standard on all computers.)
• Cell phones, pagers, PDAs, and other special purpose devices that connect to the Institute network solely through Web, portal, or application access.

What do I need to do?

• The Desktop and Portable Computer Checklist General User is the quickest way to check if you comply with the security requirements.
• A Desktop and Portable Computer Checklist Systems Support is available systems support personnel to ensure supported users comply with the standard.
• Use our Essentials page to find the required software and supporting documentation for the Desktop Standard.
• Our Digital Self Defense Workshops provide a basic introduction to information security issues and include interactive simulations that let you practice using the required software in a safe environment.

Desktop and Portable Computer Standard

• Desktop and Portable Computer Standard (eff. 8/1/09)
• Desktop and Portable Computer Standard Plain English Guide (eff. 8/1/09)
• Desktop and Portable Computer Standard (previous version, eff. 8/15/06)

Last Modified: 07.09.2009 Copyright © 2000 - 2009 Rochester Institute of Technology Contact Webmaster Privacy Statement