Position Papers
Welcome to the Information Security Office's position papers library. This area houses documents outlining the ISO's view on a number of security-related topics and provides guidance concerning University standards. Check back often, as new papers will be posted as they become available.
- Bastion Hosts
- Campus-wide Discovery Scanning
- Data Classification Types Approved for OneDrive LOGIN REQUIRED
- Data Transmission and Encryption Standards
- Device Reimaging
- Duo Security Multifactor Usage
- EndPoint Protection Software LOGIN REQUIRED
- Emergency Vulnerability Patching
- Emergency Vulnerability Scanning
- Global Access Firewall Rules
- InCommon Certificate Use for SSL/TLS
- LastPass Password Manager Adoption
- Locking Computer Screens and Devices
- Multifactor Authentication Requirement for Office 365
- Network Storage of Files Containing Personally Identifiable Information or Restricted Data
- Non-person Service Account Maintenance and Lifecycle
- Obsolete Operating Systems
- Remotely Connecting to University Systems *REVISED 3/6/20*
- Restricted Data Access from Off Campus
- Self-Signed Certificates
- Thick Client Access to Internal Databases
- URL Shortening
- Windows Server Administrator Accounts