General UTech policies
- Hardware firewalls (revision posted 2005-01-24): Hardware firewalls are prohibited on the network. Valuable information assets should be placed in a UTech data center.
- Excessive outgoing bandwidth consumption: Users may not consume a disproportionate amount of outbound network bandwidth.
- Sniffing Policy 1.0, 2004-03-22: The use of network sniffers (software that opens a network interface in promiscuous mode) is prohibited on the Case network without prior arrangement with UTech.
- Software firewalls: Users should employ host-based firewall software on their individual computers. Windows XP and Mac OS X users should enable built-in firewall features. Unix users should employ ipchains, iptables, ipfw, or similar.
- User-provided domain names: Users may not cause a hostname outside the Case domains to point to an IP address within the Case address spaces.
- User-provided wireless access points: Users may not connect a wireless access point to the network, nor use the wireless capabilities of a network-connected computer to provide wireless network access.
All university information systems are subject to the following federal regulations:
- Family Educational Rights and Privacy Act or FERPA (concerning student records) - stated in the Case General Bulletin
- Gramm-Leach-Bliley Act or GLBA (concerning financial information handling)
- FTC information
- Health Insurance Portability and Accountability Act or HIPAA (concerning medical information)
Read more about HIPAA
- Logon banners enhance security by deterring intrusion and strengthening your position when prosecuting intruders.
- To test the security of an SMTP (mail) server you run, telnet to telnet://relay-test.mail-abuse.org.
- If you need a certificate signed or one that will be recognized outside the university, contact the Service Desk at 216.368.HELP (4357).
Tools for Internet Information Services (IIS)
- Microsoft UrlScan Security Tool
- Foundstone fport (lists the open TCP & UDP ports on your system, and the programs that have them open)
Routine maintenance and security news (Windows users)
- Windows functional and security updates
- Microsoft Office updates
- Perform regular security audits using Microsoft Baseline Security Analyzer
- Microsoft Security
- Microsoft TechNet