IT Security

Best Practices

It is crucial that ChatGPT and other generative AI tools are used with caution and do not put Rensselaer data at risk.  Confidential and Internal Use data, as defined in the Information Classification policy, cannot be put into any of these tools unless a vetted contract is in place through procurement to ensure proper data security and privacy.

Additionally all use cases should be consistent with the Cyber Citizenship Policy.

Connecting printers, copiers, and fax machines securely to Rensselaer's network is crucial to maintain the integrity, confidentiality, and availability of sensitive information. Implementing robust security measures helps mitigate potential risks associated with unauthorized access, data breaches, and network vulnerabilities.
Standards for network connectivity help to mitigate the various risks.  This best practice outlines minimum standards for devices connecting to the campus network (additional requirements may apply to specific devices which have been identified as having increased risk due to network location, sensitivity of data stored/sent/received, or access to other systems):

The stance of the Information Security Office within DotCIO is that access to Rensselaer data and systems for business operations should only be through Rensselaer owned and managed devices with appropriate security controls and configurations.   Please review the Information Classification Policy - by policy, personally owned devices cannot not be used to store confidential data.

Back to top