Other Security Guidelines and Policies
Stanford promotes the use of industry best practices for architecture and deployment of information systems. The Information Security Office has assembled the Stanford ISO Security Guidelines, which outlines the essential elements of secure computing at the University. The ISO also recommends the following references which offer detailed explanations and documentation of information security best practices on most common Stanford platforms.
Card Industry Data Security Standard
This document provides practical advice on securing sensitive information with a focus on credit card data.
- The OWASP
Web Application Security Project
OWASP presents an overload of web security information.
- The FBI/SANS Top Internet Security
The FBI/SANS Top identifies the most critical vulnerabilities of Internet-connected Windows and Unix systems today, tells you how to determine if your system is at risk, and presents strategies for correcting exposures.
- National Institute of
Standards and Technology Computer Security Resource Center
The NIST CSRC publishes documents covering a broad range of security-related subjects, from cryptographic key management to software patching procedures.
The NSA makes available security configuration guides for network equipment, operating systems, application frameworks, and individual software applications.
- Practical UNIX and Internet Security
The Unix and Internet security classic.