Office of the CIO
Queen's University-
Information Systems Security Office
- IT Security Policies
- Standards
-
Information Security Guidelines
-
Electronic Information Security Guidelines
- A1. Antivirus and Anti-Spyware
- A2. Security Updates and Patches
- A3. File Sharing and Remote Access
- A4. Secure Data Deletion and Destruction
- A5. Encryption
- A6. Physical Computer Locking
- A7. Account Passwords
- A8. Operating System Accounts
- B1. Account Hijacking
- B2. Sharing Your Personal NetID Password
- B3. Password Changes
- C1. Physical Location of Servers
- C2. Active Services and Open Ports
- C3. Backups
- C4. Firewalls
- C5. Remote Access
- C6. Physical Location of Network Devices
- D1. System Assessments
- D2. Permissions
- E1. Queen's Employee Requirements
- E2. Third-Party Requirements
- F1. Actual or Suspected Unauthorised Access
- G1. Multifunction Devices
-
Electronic Information Security Guidelines
- Education & Awareness
- Issues & Incidents
- Services
- Templates
Server Security Standards
Executive Summary
Many systems are built as servers by faculty, staff, students and researchers throughout the Queen’s community in support of the mission of the University. These server standards provide a set of instructions in a checklist format to help guide those who build and administer servers to secure their systems in an effort to safeguard the confidentiality, integrity and availability of data and systems.
The benefits and intent of these standards documents are to:
- Minimize system downtime and interruption of University operations.
- Safeguard the reputation and standing of the University.
- Safeguard the confidentiality, integrity and availability of data and systems, especially services critical to the infrastructure of the University and faculties.
- Safeguard the integrity of research and data used for research.
Queen’s University IT staff have a responsibility to ensure that the systems that they have built or administer are adequately protected and the security standards applied are in accordance with the policies set out by the University and its administration. The Queen’s University Information Systems Security Policy outlines the responsibilities of department heads (and/or directors and/or unit managers).
A special thank you to the Security Community of Practice: Server Security Standards Group who take credit for establishing and compiling these standards documents to provide to the Queen's community.
We hope that you will find the standards documents helpful and easy to follow.
Thank you for making our University computing environments secure!
Resources
Server Hardening Check Lists Main Page (NetID login required)
- Generic Hardening Checklist
- Solaris Hardening Checklist
- Red Hat Linux Hardening Checklist
- Macintosh OS X Hardening Checklist
- Windows Server Hardening Checklist
Questions?
Please contact the Information Systems Security Manager.