security homepage

computing and electronic communications policy

copyright & filesharing

information security brochure

password security

remote access

reporting security breaches

scams, hoaxes, & phishing

Connecting Securely

wireless computing security

 
Syracuse University IT security standards and procedures are created by the University's Information Security Officer (ISO) in conjunction with the Information Security Council (ISC) and are approved by the University's Chief Information Officer (CIO). The standards and procedures are also subject to vetting and refinement by the Technology Leadership Committee (TLC) and members of the campus technology community.

Comments or questions about these standards and procedures can be submitted to itsecurity@listserv.syr.edu. All of the IT standards listed below are based on Syracuse University policies, which are available on the University's Policies Web site.

Syracuse University Information Security Standard: This standard is the keystone of all the security standards, as it defines the kinds of data ("University data" or "University Information") that we are most concerned about protecting.

Component Standards:

  • Remote Access Standard: Describes how people will access University data from remote locations or transport University data on mobile devices.
  • Desktop Security Standard: Describes how desktops, laptops, and PDA's will be configured and used securely.
  • Server Security Standard: Describes how University servers must be configured and managed.
  • Authentication Standard: Describes how to manage authentication processes typically associated with accounts and passwords.
  • Encryption Standard: Describes where encryption must be applied to stored data and network traffic.
  • Data Sanitization Standard: Describes how to safely dispose of electronic media and devices. (To be written)
Associated Procedures:
  • The Exception Process: Describes how to handle exception requests for existing policies and standards.
  • The CIRT and Incident Handling - TBD
  • Requesting an Investigation - TBD