AgriLife Computing Best Practice & Responsibility Guides
The following two documents are designed to communicate the key responsibilities each employee should be aware of when operating computing equipment. One document is provided for general end users while the other is targeted for use by Information Technology Managers within AgriLife.
- Your Responsibilities as a User of AgriLife Information Resources
- AgriLife Information Technology Custodian Procedures and Best Practices
- AgriLife Computer Incident Response Plan
Rules, Procedures & Guidelines
- Information Resource Procedures [Research | Extension]
- Account Management Procedures [Research | Extension | College ]
- Email Retention & Procedures [Research | Extension | College ]
- Enterprise File Service Procedures [Research | Extension | College ]
- Network Procedures (Centers & Urban County Sites) [Research | Extension]
- Computer Resource Use by Volunteers (Extension)
- Workstation Security Hardening Guidelines
Security Practices for Confidential Information on University Computers
- University Rules and Procedures for IT resources
- Complying with Federal Regulations and Data Protection -What you Need to Know
- Proper posting of Grades
- Family Educational Rights and Privacy Act (FERPA) for Faculty, Staff and Adminstrators.
- Short courses on the proper use of Vista/WebCt
AIT Documents, Links and Presentations
- Ag IT Security Blog
- Security Incident Reporting page
- Good Security practices (Power Point presentation)
University/System Risk Assessment Applications
- University Risk Assessment resource – ISAAC
- System Risk Assessment resource – System ISAAC (please provide an IP address to securityhelp@ag.tamu.edu to obtain access)
Tools to find personally identifiable information (such as Credit Card or Social Security numbers)
- Identity Finder (requires licensing from the Sell)
- Cornell Spider
Login Banner Content and Application Info
Tools to identify SQL injection vulnerabilities
Securing Windows XP (and other Operating Systems)
- Securing Windows XP
- Securing removeable drives under Active Directory
- Disabling autorun and autoplay in Windows (and instructions for Vista to prevent the automatic parsing of autorun.inf files)
- Securing Macintosh systems
- 10 security tips for all general-purpose OSes
Securing Web Browsers
Securing Web servers
Commerical products for Securing Removable drives
Anti-spyware software
- Spyware Doctor (free as part of the Google pack)
- Spybot Search and Destroy (free for personal use)
Security Practices
- CWE/SANS – Top 25 Most Dangerous Programing Errors – Jan 12, 2009
- Centra Security Practices powerpoint presentation - December 21, 2007
- Software Patch Web resource
- Ten things you should do to secure every general purpose operating system
- Ten BAD Computer Practices
- Disable wireless when you dont need it – link to vulnerability announcement
- Hoaxes and Urban Legends – provided by Texas Department of Information Resources
Laptop Security PDFs from DIR
- Ten things you should already be doing to secure your laptop
- NIST Laptop Security Checklist
- Wireless Laptop security
- Laptop Security Onguard online
Disk Wipe Utilities
Setting up a Secure Wireless
Security Help
Encryption Software
- CIS links and information on the use of Androsa FileProtector for file encryption.
- TrueCrypt A free windows file encryption utility (whole disk encryption now available in version 5.0)
- Documentation for the use of TrueCrypt
Vulnerability Assessment
- cisecurity.org – Open Source vulnerability assessment tools for Windows and other products
- Windows Defender
- Microsoft Baseline Security Analyzer
- Retina from Eeye.com- Commercial product
Penetration Testing
- Metasploit.org – Open source penetration testing product for Windows and other products/OSs
- Core Impact from Core Security – Commercial product
Intrusion Detection Tools
- Open Source Host Based Intrusion Detection
- Sectools.org
- Free Anti-Root Kit
- Microsoft Windows Malicious Software Removal Tool
Intrusion Discovery Commands
Disaster Recovery/Business Continunity links
Data Recovery Software
- Data recovery products (Commercial and free products links from anandtech.com)
Important Security Events – updated daily
Listserv links and e-mail lists
- Microsoft Security Alerts
- Cyber Security alerts from US-Cert
- A&M Listserv for Computer Administrators (clicking will start up your e-mail client and allow you to submit a subscription request)
- Educause Security listserv (clicking will start up your e-mail client and allow you to submit a subscription request)
Security Webcasts from SANS
Network Security tools
- Security tools
- Application to process the Web browser history file (for Internet Explorer) - IEHistoryView
Latest Virus Alerts
- Virus Total Uploader – Scans single files with 32+ different products
- Sophos.com
- McAfee.com
- Symantec.com
Secure Web Application Development
- Open Web Application Security Project
- Build Security In from US-Cert
- Building Security In Maturity Model
Other Security Links
- DIR Cyber Security tips - Updated – October 2009
- Current article on Top Ten Cyber Security Tips – October 2009 – http://www.dir.state.tx.us/security/reading/200910cybersec.htm
- Previous article on Cyber Crime – August 2009 – http://www.dir.state.tx.us/security/reading/200908cybersec.htm
- Protecting Children online from Attorney General Greg Abbott
- Java Tool that reviews End User License Agreements
- File Hippo(Shows latest Versions for all Major Software Products)
