Tips and Best Practices
This is repository of tips and best practices covering a variety of information security-related technology topics. The content has been written primarily for individuals who develop, implement or maintain the technologies that we use or are considering for our campus. Thus, it assumes that the reader has a technology background, unlike the Information Security Basics section for general audiences. Individuals who are curious about how security technology works or who want a deeper, more technical understanding of the various technologies and how they are best protected may find the content useful.
For each topic, we provide background information regarding how security technologies work, the benefits that each of these technologies provide, and how that can be implemented in a secure manner.
Links to best practices have been defined by a variety of government standards agencies, private security organizations, and software and hardware vendors.
- Anti-Virus/Anti-Malware Technology
- Authentication, Single Sign-On and Federation
- Best Practices from Standards Organizations and Vendors
- Building "Attack-Resistant" Application Software
- Computer Forensics
- Data Obfuscation or "Masking"
- Database Security
- Directory Systems and Identity Management
- Encryption and Digital Signatures
- Firewalls, Intrusion Prevention and VPNs
- IP Ports and Protocols
- Network Fundamentals - Internet Protocol and IP Addressing
- Network Fundamentals - Switches, LANs, Routers and Other Networking Devices
- Password Attacks and Countermeasures
- Security Information and Event Monitoring (SIEM)
- Secure Email
- Vulnerability Scanners
- Work from Home IT Security Guidelines
If you have any questions or need additional information, please contact the Information Security Office through the OIT Support Center at extension 2828 or firstname.lastname@example.org.