Home » Secure Computing » Other Security Guidelines

Other Security Guidelines and Policies

Stanford promotes the use of industry best practices for architecture and deployment of information systems. The Information Security Office has assembled the Stanford ISO Security Guidelines,which outlines the essential elements of secure computing at the University. The ISO also recommends the following references which offer detailed explanations and documentation of information security best practices on most common Stanford platforms.

• Payment Card Industry Data Security Standard
  This document provides practical advice on securing sensitive information with a focus on credit card data.
• The OWASP Web Application Security Project
  OWASP presents an overload of web security information.
• The FBI/SANS Top Internet Security Vulnerabilities
  The FBI/SANS Top identifies the most critical vulnerabilities of Internet-connected Windows and Unix systems today, tells you how to determine if your system is at risk, and presents strategies for correcting exposures.
• National Institute of Standards and Technology Computer Security Resource Center
  The NIST CSRC publishes documents covering a broad range of security-related subjects, from cryptographic key management to software patching procedures.
• National Security Agency
  The NSA makes available security configuration guides for network equipment, operating systems, application frameworks, and individual software applications.
• Practical UNIX and Internet Security
  The Unix and Internet security classic.