Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
This material is meant as a guide for department administrators and technicians working to minimize the chance of an IT security breach on Indiana University computer systems, telecommunications, or other information technology systems. This document is not meant to be comprehensive -- there are other resources and actions administrators and technicians must take to maximize the appropriate protections afforded to these IT systems.
installed in order to minimize the risk caused by the particular flaw. Consider scanning and securing a single machine and then using a disk imaging utility (like Norton's Ghost product) to copy that secure image to other machines. This process is extremely helpful when deploying similarly configured machines that are purchased as part of the equipment life-cycle replacement process.
disclosure. There are several technologies that can be used to protect sensitive data: Technicians and data users must encrypt sensitive data where the application or process can support it. PGP can be used to encrypt standalone files as well as e-mail communications. SSL is a method used to protect data passed between a web browser and web server. An SSL certificate should be installed on any web server that: Displays or collects sensitive institutional and/or personal data Performs username and password authentication SSH is a replacement for insecure protocols such as TELNET and FTP. It uses strong cryptography to protect the data transferred between a client and a server. See SSH Installation and Use for additional information. For a broader discussion of secure data transmission, see Secure File Transfer Alternatives.