archive-edu.com » EDU » C » COLUMBIA.EDU

Total: 400

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • Recommended Columbia University Web Environment | Columbia University Information Technology
    require it The modules should be invoked only in areas of the system where these programs are permitted to be run Restrict Information Leakage In general you should restrict the amount and nature of the information about your system that is exposed to visitors without authentication or authorization For example standard error pages frequently display operating system web server and application version information such information can be used by malicious parties to attack a system For example in Apache 2 2 and above server information can be restricted with these configuration directives ServerTokens Minimal ServerSignature Off Applications running on a web server should also be carefully checked for information restrictions For example Tomcat can be configured to remove its version number from error pages Additionally some web servers provide special URLs to display specific server information and status e g Apache server info and server status Access to the URLs should be restricted or disabled to prevent disclosure of this information to potential attackers Server Side Includes If you allow server side includes you should restrict arbitrary code execution For example in Apache use IncludesNoExec as one of the directory directives Defend against Cross Site Attacks You should take steps to limit exposure to cross site scripting and similar attacks In many cases this is an application development and architecture issue but some measures can be taken in the web server configuration For example you should disable the HTTP Trace method In Apache use this configuration directive TraceEnable Off Strengthen SSL Configuration If you are using SSL you should use the most recent versions of your Web server software and its secure components Further steps to further secure environments Disable old SSL versions SSL v2 should be disabled This is an old version of the SSL protocol and has been superseded by newer more secure versions For example in Apache you can disallow SSL v2 by using this in your configuration file SSLProtocol all SSLv2 Use Strong Ciphers Only strong ciphers at least 128 bits should be allowed and cipher preference order if available should be enforced to prefer the strongest ciphers For example in Apache 2 2 using mod ssl SSLCipherSuite HIGH MEDIUM aNULL MD5 Some SSL attacks can be mitigated by carefully choosing the cipher order For example vulnerability to certain attacks can be mitigated by preferring certain ciphers over others and by turning off data compression BEAST vulnerability choice of cipher suite CRIME vulnerability compression It is imperative to keep up abreast of security developments and deploy preventative measures to prevent damage from future attacks Directory Restrictions Your web server s root directory should always have the most restrictive configuration enabled to reduce the likelihood of security breaches For example in Apache you might include this in your configuration Directory Options None AllowOverride None Order allow deny Directory Many web servers allow directory listings displaying the list of files in a directory if no index file is present and will follow symbolic links aliases You should disable

    Original URL path: http://cuit.columbia.edu/recommended-columbia-university-web-environment (2016-05-01)
    Open archived version from archive


  • IT Policy History | Columbia University Information Technology
    Security Information Security Audit and Evaluation Information Security Media Backup and Controls 4 Registration and Protection of Endpoints Policy CU Desktop and Laptop Security CUIT Security Electronic Information Resources Security Encryption Peer to Peer P2P File Sharing Security Requirements When Storing Sensitive Data University Mobile Phone Registration Password Data Sanitization Workstation Use and Security General Information Security Information Security Media Backup and Controls 5 Social Security Number SSN Usage Policy Social Security Number SSN and Unique Person Number UPN Usage N A 6 Network Protection Policy Network and Communications Equipment Policy Network Bandwidth Quotas N A 7 Electronic Data Security Breach Reporting and Response Policy Electronic Data Security Breach Reporting and Response Privacy and Information Security Incident Procedure 8 Information Resources Acceptable Usage Policy Acceptable Usage of IT Resources Electronic Information Resources Security Workstation Use and Security Information Security Backup Device and Media Controls 9 Email Policy Email Usage and Retention Email 10 Information Resource Access Control and Log Management Electronic Information Resources Security Remote Access System Access and Privacy Information Security Audit and Evaluation Workstation Use and Security General Information Security Policy 11 Information Security Risk Management Policy N A Information Security Management Process 12 Sanitization and Disposal of Information Resources Data Sanitization Disposal of Electronic Equipment Electronic Information Resources Security Information Security Backup Device and Media Controls 13 Business Continuity and Disaster Recovery Policy N A Information Security Disaster Contingency and Recovery Plan myUNI Service Desk myColumbia FAQ A Z Services About Us Give Us Feedback Computing Support About CUIT CUIT Careers CUIT Email Services Research Computing Services Teaching Learning Applications CUIT Public Computing Facilities IT Policies IT Security Resources Manage my UNI Security Awareness Training Software and Downloads Search CUIT Go Text Size a a Other Columbia IT Groups Columbia University Medical Center Information Technology CUMC IT

    Original URL path: http://cuit.columbia.edu/it-policy-history (2016-05-01)
    Open archived version from archive

  • Anti-Malware | Columbia University Information Technology
    This is where an Anti malware application becomes necessary Columbia students faculty and staff are provided with a free license for Symantec Endpoint Protection This software can be installed both at home and in the office While scanning a machine with an Anti malware application is a good measure it does not need to be done every day The realtime protection functionality is much more immediately helpful This functionality will attempt to stop and quarantine malware as it attempts to execute Keep in mind that an Anti malware application cannot defeat viruses or spyware that it does not know about so it s very important that it be kept up to date Symantec and Norton products use something called LiveUpdate to accomplish this LiveUpdate can be configured easily to update daily or weekly but be sure not to set it to a time when the machine will be turned off If your office workstation is administered for you is part of a LAN or you use the CUIT Central server please contact your system administrator before using the Symantec software If you currently have other anti malware software on your computer but you would prefer to use Symantec Endpoint Protection you will need to Un Install your existing software before installing Symantec Endpoint Protection If you try to run two Anti virus programs on your computer they can conflict with other and not provide any protection at all Download page for Symantec Endpoint Protection Computer Associates Spyware Information Center Symantec s website To reach this page quickly in the future use the keyword antivirus Reporting Security Problems Send reports of security incidents attacks or questions to security columbia edu myUNI Service Desk myColumbia FAQ A Z Services About Us Give Us Feedback Computing Support About CUIT CUIT Careers CUIT Email

    Original URL path: http://cuit.columbia.edu/cuit/it-security-practices/anti-malware (2016-05-01)
    Open archived version from archive

  • Backing Up | Columbia University Information Technology
    office people at your department may have implemented something that does it for you Even if this isn t an option for you simply burning the very important things on a CD R every so often and keeping it in a safe place will mitigate most catastrophes How to use the Backup Utility in Windows XP Backup and Restore in Windows 7 Mac 101 Time Machine To reach this page quickly in the future use the keyword backups Reporting Security Problems Send reports of security incidents attacks or questions to security columbia edu myUNI Service Desk myColumbia FAQ A Z Services About Us Give Us Feedback Computing Support About CUIT CUIT Careers CUIT Email Services Research Computing Services Teaching Learning Applications CUIT Public Computing Facilities IT Policies IT Security Resources Anti virus Backing Up CUIT Security Downloads CUIT Security How To s CUMC IT Security Filesharing Networks Handling Personally Identifying Information Information Security Tips and Tricks Keep Your Operating System Up To Date Phishing Scams and Spam Physical Security Protecting Your Passwords Social Networking Do s and Don ts Students Getting Started with Computer Security Symantec Security Response Using Strong Passwords Windows Update Manage my UNI Security Awareness Training Software

    Original URL path: http://cuit.columbia.edu/cuit/it-security-practices/backing (2016-05-01)
    Open archived version from archive

  • CUIT Security Downloads | Columbia University Information Technology
    and Nuke Click here for information and downloads relating to DBAN a tool for secure file deletion CUSpider This link takes you to the CUIT page for CUSpider a Windows application for scanning your workstation for Personally Identifiable Information PII such as Social Security Numbers WinZip fully licensed Click here to download the latest version of WinZip fully licensed to Columbia University WinZip is CUIT supported for encryption of files and email attachments myUNI Service Desk myColumbia FAQ A Z Services About Us Give Us Feedback Computing Support About CUIT CUIT Careers CUIT Email Services Research Computing Services Teaching Learning Applications CUIT Public Computing Facilities IT Policies IT Security Resources Anti virus Backing Up CUIT Security Downloads CUIT Security How To s CUMC IT Security Filesharing Networks Handling Personally Identifying Information Information Security Tips and Tricks Keep Your Operating System Up To Date Phishing Scams and Spam Physical Security Protecting Your Passwords Social Networking Do s and Don ts Students Getting Started with Computer Security Symantec Security Response Using Strong Passwords Windows Update Manage my UNI Security Awareness Training Software and Downloads Search CUIT Go Text Size a a Other Columbia IT Groups Columbia University Medical Center Information Technology CUMC

    Original URL path: http://cuit.columbia.edu/cuit/it-security-resources/cuit-security-downloads (2016-05-01)
    Open archived version from archive

  • CUIT Security How To's | Columbia University Information Technology
    Windows XP Firewall Instructions for setting secure passwords on Windows computers Instructions for keeping your computer safe from viruses worms and spyware Instructions for using Symantec Endpoint Protection Instructions for using CUSpider myUNI Service Desk myColumbia FAQ A Z Services About Us Give Us Feedback Computing Support About CUIT CUIT Careers CUIT Email Services Research Computing Services Teaching Learning Applications CUIT Public Computing Facilities IT Policies IT Security Resources Anti virus Backing Up CUIT Security Downloads CUIT Security How To s CUMC IT Security Filesharing Networks Handling Personally Identifying Information Information Security Tips and Tricks Keep Your Operating System Up To Date Phishing Scams and Spam Physical Security Protecting Your Passwords Social Networking Do s and Don ts Students Getting Started with Computer Security Symantec Security Response Using Strong Passwords Windows Update Manage my UNI Security Awareness Training Software and Downloads Search CUIT Go Text Size a a Other Columbia IT Groups Columbia University Medical Center Information Technology CUMC IT Center for Digital Research and Scholarship CDRS Business School Information Services ITG Law School Information Technology SIPA Computer Facilities Social Work Computing and Instructional Technology Columbia College Information Technology CCIT Columbia Center for New Media Teaching and Learning Search Columbia

    Original URL path: http://cuit.columbia.edu/cuit/it-security-resources/cuit-security-how-tos (2016-05-01)
    Open archived version from archive

  • Filesharing Networks | Columbia University Information Technology
    copyright owners and their agents to join the filesharing network and collect that information themselves The programs and networks themselves present security risks The programs often come packaged with spyware and the networks are congested with viruses pretending to be popular songs or movies Copyright File Sharing And Responsible Use Of Electronic Resources Legal Online Entertainment Options Columbia Copyright Policy and Useful Links To reach this page quickly in the future please use the keyword filesharing Reporting Security Problems Send reports of security incidents attacks or questions to security columbia edu myUNI Service Desk myColumbia FAQ A Z Services About Us Give Us Feedback Computing Support About CUIT CUIT Careers CUIT Email Services Research Computing Services Teaching Learning Applications CUIT Public Computing Facilities IT Policies IT Security Resources Anti virus Backing Up CUIT Security Downloads CUIT Security How To s CUMC IT Security Filesharing Networks Handling Personally Identifying Information Information Security Tips and Tricks Keep Your Operating System Up To Date Phishing Scams and Spam Physical Security Protecting Your Passwords Social Networking Do s and Don ts Students Getting Started with Computer Security Symantec Security Response Using Strong Passwords Windows Update Manage my UNI Security Awareness Training Software and Downloads

    Original URL path: http://cuit.columbia.edu/cuit/it-security-practices/filesharing-networks (2016-05-01)
    Open archived version from archive

  • Handling Personally Identifying Information | Columbia University Information Technology
    strong encryption or removed The capture storage and retention of confidential and sensitive information by CUIT employees is permissible only if it is a University business requirement and complies with Columbia University s Social Security Number and Unique Person Number Usage policy Data Classification policy and University Requirements for Endpoints Containing Sensitive Data Even if you a private or student user it is still highly advised to identify and secure your data with comprhensive tools and encryption The Workstation Security Best Practices User Guide provides ten technical and procedural steps for securing your computer and work environment Please read the document and adhere to these best practices This page provides information and software tools to identify remediate and secure sensitive personally identifiable information PII that could be resident on your computer PII SSN Scanning Software Use specialized applications to identify all vulnerable instances of PII on your workstation Remediation Tips Tips on how to proceed once you ve identified vulnerable PII on your workstation Encryption Tools Use strong cryptography to secure any instances of PII or protect the entire disc Supplemental Tools Other programs that can provide Data Loss Protection To reach this page quickly in the future use the keyword PII Reporting Security Problems Send reports of security incidents attacks or questions to security columbia edu myUNI Service Desk myColumbia FAQ A Z Services About Us Give Us Feedback Computing Support About CUIT CUIT Careers CUIT Email Services Research Computing Services Teaching Learning Applications CUIT Public Computing Facilities IT Policies IT Security Resources Anti virus Backing Up CUIT Security Downloads CUIT Security How To s CUMC IT Security Filesharing Networks Handling Personally Identifying Information Information Security Tips and Tricks Keep Your Operating System Up To Date Phishing Scams and Spam Physical Security Protecting Your Passwords Social Networking Do s

    Original URL path: http://cuit.columbia.edu/cuit/it-security-practices/handling-personally-identifying-information (2016-05-01)
    Open archived version from archive



  •