Skip to main content
Skip to main site menu
University Information Security Office
Search
Menu
Search this site
×
Close the search box
Search
Requests
Security Standards
Toggle sub-navigation
Close this sub-navigation
Security Standards for Georgetown Technology
Risk Classifications for Georgetown Assets and Data
Toggle sub-navigation
Minimum Security
Toggle sub-navigation
Security Considerations for Cloud Services
Toggle sub-navigation
Technology Policies
Toggle sub-navigation
Close this sub-navigation
100. University Security
Toggle sub-navigation
200. Information Systems Security
Toggle sub-navigation
300. Identity & Access Security
Toggle sub-navigation
400. Data Security
Toggle sub-navigation
500. 3rd-Party Security
Toggle sub-navigation
600. Regulated Data Security
News & Announcements
Toggle sub-navigation
Close this sub-navigation
News & Announcements
Phishing Examples
Blog
Toggle sub-navigation
Archived News
Be Cyber Smart!
Close
Requests
Open sub-navigation
Close sub-navigation
Security Standards
Open sub-navigation
Close sub-navigation
Security Standards for Georgetown Technology
Open sub-navigation
Close sub-navigation
Risk Classifications for Georgetown Assets and Data
Open sub-navigation
Close sub-navigation
Minimum Security
Open sub-navigation
Close sub-navigation
Security Considerations for Cloud Services
Open sub-navigation
Close sub-navigation
Technology Policies
Open sub-navigation
Close sub-navigation
100. University Security
Open sub-navigation
Close sub-navigation
200. Information Systems Security
Open sub-navigation
Close sub-navigation
300. Identity & Access Security
Open sub-navigation
Close sub-navigation
400. Data Security
Open sub-navigation
Close sub-navigation
500. 3rd-Party Security
Open sub-navigation
Close sub-navigation
600. Regulated Data Security
Open sub-navigation
Close sub-navigation
News & Announcements
Open sub-navigation
Close sub-navigation
News & Announcements
Open sub-navigation
Close sub-navigation
Phishing Examples
Open sub-navigation
Close sub-navigation
Blog
Open sub-navigation
Close sub-navigation
Archived News
Open sub-navigation
Close sub-navigation
Be Cyber Smart!
Open sub-navigation
Close sub-navigation
Full site menu
Requests
Security Standards
Security Standards for Georgetown Technology
Risk Classifications for Georgetown Assets and Data
Security Risk Classifications for Georgetown Servers
Security Risk Classifications for Georgetown Data
Minimum Security
Minimum Security for Endpoints
Minimum Security for Applications
Minimum Security for Servers
Security Considerations for Cloud Services
Minimum Security for SaaS/PaaS
Minimum Security for laaS/Containers
Technology Policies
100. University Security
UIS.104 HEOA DMCA Policy
UIS.104.1 Peer-to-Peer (P2P) Guidelines
Computer Systems Acceptable Use Policy
Transmission of Messages Via Broadcast Communication
Georgetown University Information Security Policy
200. Information Systems Security
UIS.201 IT Hardware Assets Management Policy
201.1 Technology Hardware Acquisition and Documentation Guidelines
201.2 System Development Lifecycle Guidelines
201.3 3rd-Party Hardware Assets Guidelines
UIS.202 Software Applications Management Policy
UIS.202.1 Software Applications Management Guidelines
UIS.202.2 Application Developer Security Testing and Evaluation Guidelines
UIS.203 Configuration Management Policy
UIS.203.1 Baseline Configuration Guidelines
UIS.203.1T Configuration Management Implementation Guide
UIS.203.2 Configuration Change Control Guidelines
UIS.203.3 Access Restrictions for Change Control Guidelines
UIS.203.4 Configuration Settings Guidelines
UIS.203.5 Security Impact Analysis Guidelines
UIS.203.6 Information System Component Inventory Guidelines
UIS.203.7 Least Functionality Guidelines
UIS.203.7T Restricted List of Ports, Protocols, and/or Services
UIS.203.8 Configuration Management Plan Guidelines
UIS.203.9 Software Usage Restrictions and Installation Guidelines
UIS.204 Vulnerability Management Policy
UIS.204.1 Asset Patch Management Guidelines
UIS.204.1T Critical Vulnerabilities Implementation Guide
UIS.204.2 End-user Patch Management Guidelines
UIS.204.2 Vulnerability Remediation Deferral Guidelines
UIS.205 Information Security Audit Logging Policy
UIS.205.1 Information Security Audit Logging Guidelines
UIS.205.1T Information Security Audit Logging Implementation Guide
300. Identity & Access Security
UIS.301 Elevated Privileges Management Policy
UIS.301.1 Elevated Privileges Management Guidelines
400. Data Security
Data Classification
Data Storage (Legacy)
UIS.401.1 Data Classification Guidelines
UIS.401.1T High Risk Data Table
UIS.401.2 Data Destruction Guidelines
UIS.401.3 Data Handling Guidelines
Report a Data Security Incident
Research Data Protection Guidelines
500. 3rd-Party Security
UIS.501 Technology Vendor Policy
UIS.501.1 Cloud Services Selection Guidelines
UIS.501.2 Software-as-a-Service Guidelines
UIS.501.3 Platform-as-a-Service Guidelines
UIS.501.4 Supplier Risk Assessment Guidelines
UIS.501.5 Cloud Technology Services Agreement Guidelines
UIS.501.6 Website Hosting Guidelines
600. Regulated Data Security
News & Announcements
News & Announcements
Phishing Examples
Blog
Don’t Take the Bait: Defending Institutional Data From Phishing
New GU Policy! Two Factor Authentication to GU Systems
October is National Cyber Security Awareness Month!
GDPR Explained!
Archived News
Be Cyber Smart!
UIS Alert – Emergency Security Update for Apple iOS (12.4.1)
Computer Support Scam
BrightCrowd Email Alert
Extortion Email Alert
Phishing Email Alert
Cyber Alert: Update your Mozilla Firefox browser
Cyber Alert: Update your Mozilla Firefox browser
