Position Papers

Welcome to the Information Security Office's position papers library. This area houses documents outlining the ISO's view on a number of security-related topics and provides guidance concerning University standards. Check back often, as new papers will be posted as they become available.

Accessing University Data with Elevated Privileges

Accessing University Systems and The Use of Personal Devices (updated 3/22/23)

Automatic Email Forwarding (NEW)

Bastion Hosts

Campus-wide Discovery Scanning

Data Classification Types Approved for OneDrive (Login Required)

Data Transmission and Encryption Standards

Device Reimaging

Duo Security Multifactor Usage

Emergency Vulnerability Patching

Emergency Vulnerability Scanning

Endpoint Protection Software (Login Required)

Global Access Firewall Rules

InCommon Certificate Use for SSL/TLS

LastPass Password Manager Adoption

Locking Computer Screens and Devices

Multifactor Authentication Requirement for Office 365

Network Storage of Files Containing Personally Identifiable Information

Non-person “service” Account Maintenance and Lifecycle

Operating Systems (updated 3/22/23)

Personal Devices in China

Princeton Private Network Access

Prohibition of Unauthorized Access from OFAC Sanctioned Countries (Login Required)

Restricted Data Access from Off Campus

Self-Signed Certificates

Thick Client Access to Internal Databases

URL Shortening (updated 12/1/22)

Windows Server Administrator Accounts