Free «Rochester Institute of Technology» Essay Sample


Rochester Institute of Technology, as early as it dates since its foundation in the early 1800s, has grown to a place where not only just good education is offered but also has been the best place where brilliant minds assemble and collaborate, where they pool together their individual talents across disciplines in service of big projects and big ideas. To achieve its mission, RIT aim to provide technology-based educational programs for personal and professional development.  Since RIT is an Institute of Technology, one of the main duties is instill students with quality and valuable programs. Security and ethics are among the core values that RIT obligates to uphold.  Information technology is the essence of every organization to keep and maintain its integrity according to its values. RIT has taken much emphasis for better information security solutions by making and implementing standards security policies. In context to (, policies and standards are the requirements the RIT community must follow when using RIT Information Resources to ensure that security and its values are maintained. The RIT information security has several major policies that play a big role in security enforcement. Such policies include the Information Security Policy (This is RIT's Enterprise Information Security Policy EISP), Code of Conduct for Computer and Network Use (This is RIT's Issue Specific Security Policy ISSP), Privacy Policy, Records Management Policy, and Policy on “Intellectual Property”. 


RIT ensures that information is available to the RIT community, protected commensurate with their value, and must be administered in conformance with federal and state law. Reasonable measures are taken to protect these assets against accidental or unauthorized access, disclosure, modification or destruction, as well as to reasonably assure the confidentiality, integrity, availability, authenticity of information. Reasonable measures are also taken to reasonably assure availability, integrity, and utility of information systems and the supporting infrastructure, in order to protect the productivity of members of the RIT community, in pursuit of the RIT mission as the policy stipulates.

Types of RIT Information Security Policy

EISP (Enterprise Information Security Policy) includes the Information Security policy as a component allows RIT to take rational methods to protect information and computing resources in a period that is both dependent on electronic media. Ensure that the information assets are in conformance with federal and state laws and are protected and readily available to the RIT community.

Adapt required security measures to prevent unauthorized access of RIT's information assets and ensure the availability and integrity of these information assets that will ultimately help toward achieving the common goal of the institution.

Want an expert to write a paper for you Talk to an operator now Start live chat now  

The Plain English guide to the Information Security Policy provides explanation and illustration of the Policy and is provided as an aid to help you understand and implement the requirements of the Policy as it is authoritative and with immediate effect. 

ISSP (Issue Specific Security Policy) includes the RIT Code of Conduct for Computer and Network Use and the RIT Privacy Policy.

The RIT Code of Conduct for Computer and Networks facilitates provision of information in terms of all computing and network resources. Its help in reflecting academic honesty and good judgment in utilization of shared resources, and observe the ethical and legal guidelines. The document outlines the user privileges and responsibilities access to a wide variety of on and off campus resources. Users are required to act in the most acceptable ethical manner and impose duties and obligations. The policy includes brief definitions for these technological subsystems that will avoid ambiguity. These definitions are: ordinary user and an authorized university user, university computing resources, university's network and network connections, system access, system owner, network admin and a definition for secure systems.

The RIT Privacy Policy clarifies the legitimate expectations of privacy by those who are at RIT facilities or at official RIT events, or those who use electronic resources. In the context, RIT endeavors in providing the best conducive environment for all, irrespective their roles.

We have understood that the Issue Specific Security Policy (ISSP) guides the organization on how to securely use specific technologies. It enforces that computer or network equipment be accessed only by authorized personnel.

RITS’ EISP and Security Standards

Through the analysis of EISP we have seen clearly that, a policy documents a clear solution on how to handle certain and predetermined occurrences, and especially in terms of security in RIT. However, Security Standards are no different from the policy; they help in implementation of the stipulated policies by the community in which they are set in.

List of RITS’ Security Standard

Desktop and Portable Computer Standard – (procedural and technical) protects RIT community from computer threats and theft. It presents the minimum security requirements for any desktop or laptop that is connected to the RIT network.

Password- (procedural) sets the minimum requirements on password complexity and usage.

Information Access and Protection Standard- (procedural and technical) ensures that RIT’s information is handled appropriately during its lifecycle in terms of creation, transfer, storage and disposal. 

Portable Media- (procedural) provides the minimum requirements to transfer or store RIT’s confidential information on portable devices such as discs.

Computer Incident Handling Standards- (procedural and technical) addresses steps that need to be followed to handle and resolve computer incidents.

Signature Standard- (procedural) specifies the standards for signatures elements when using RIT’s communication facilities.

Authentication Service Provider Standard- (technical) provides the information for assistance in maintain security by the RIT’s Information Security personnel.

Web Security Standard- (technical) provides the information for the minimum requirements, configurations and documentation to prevent, protect and respond on web servers.


The process of Information security Standards involves a pure filter process. Once a policy is introduced the various departments with their officials set on outlining the governing standards for the policy. The team of officers must realize the need for a certain standards for a particular policy and table them for scrutiny and evaluation just to get the best and that suits all. The image below shows the process at RIT for coming up with security standards. 


Security is a major concern to all the institutions in most part of the world, and if information is not handled with the care it deserves may end up being meaningless. The need for better security arises in our everyday today and this brings us to the attention for improved information systems which are most reliable and effective. In terms of network, wire-less network are known to provide a more secure connection than wired network. Wire-less networks have various types of securities such as use of computer Mac address. The use of Mac address provides the specific computer connected to the network as a registered connection. I would suggest that instead of using wired connection, the RIT’s implement wire-less connection of computer which is more secure.

Registration of the computer serial numbers to the RIT Information Security department would reduce much computer handling issues greatly.


RIT is an institution that I would say has been on the forefront to emphasize on Information Security which is a very important aspect in our today society. It has helped the institution to keep and maintain its core values and achieving its mission. Citing RIT as an example let all other organization be the first to end corruption of information and all other security vices by taking the proper actions in security provision.


What Our Customers Say

Get 15%OFF   your first custom essay order Order now Use discount code first15
Click here to chat with us