Information Security / Protect Your Research / Secure Your EnvironmentMinimum Security Standards
Information Security
/ Protect Your Research
/ Secure Your Environment
Work with your local IT support and lab system administrator to determine your requirements and business / research needs for:
- Servers: The standards outline specific sections for the most common operating systems at Northwestern (Windows, RedHat Linux, OS X and Solaris). Other operating systems (ie Debian, OpenBSD, etc) are addressed by the more general recommendations that would apply to the respective operating system regardless and further augmented by the hardening guidelines from CIS (Center for Internet Security).
- Endpoint Management: In general, start from a position of security that is most secure (i.e. no shares, no guest access, etc.) and open up services as necessary. In addition to endpoint management, endpoint protection, data backup, and vulnerability management software, do not use the administrator account as the regular login account, create strong passwords, and implement multi-factor authentication.
- Networks: Extensions of the University network of any kind are prohibited. Extensions include, but are not limited to, firewall appliances, hubs routers, switches, wireless access points, etc. Installation, engineering, maintenance, and operation of the Northwestern network, and serving any property owned or leased by the University, are the sole responsibility of NUIT. The issues surrounding extending the campus infrastructure fall into four categories: security, accountability, future network performance and reliability, and operation.
- Firewalls: A Network Firewall is required in all instances where Sensitive Data is stored or processed; a Host Firewall is required in all instances where Sensitive Data is stored or processed and the operating environment supports the implementation. Both the Network and Host Firewalls afford protection to the same operating environment, and the redundancy of controls (two separate and distinct firewalls) provides additional security in the event of a compromise or failure.