Best Practices

Email Security
E-mail is an important part of communication today.  However, it poses a few security risks such as phishing scams, fraudulent e-mails, and viruses.

Data Encryption
The National Institute of Standards and Technology (NIST) has approved several encryption programs. LSU IT security professionals suggest use of these technologies to maintain compliance with LSU Policy Statement 107.

Identity Protection
Higher education has been identified as a high risk environment for data breaches and potential identity theft. Over the last few years, numerous colleges, government agencies, and corporations have had to address the aftereffects of a data breach. LSU wants to mitigate the impact of a potential breach on the LSU community.

Listserv Usage
This page page provides guidelines for proper usage on LSU's Listserv.

Passwords and Passphrases
What is the difference between passwords and passphrases? Passwords are typically not safe to standalone systems that expose data to enable password guessing by an attacker. Passphrases are generally stronger and much longer, making some kinds of brute force attacks entirely impractical.

Reference Architecture
This document contains standards that address the process of developing enterprise systems at Louisiana State University.  These standards structure the interaction and integration of enterprise software acquired and developed by central computing and other campus units.

Securing Systems
This page provides a list of best practices on securing systems.

Protecting Confidential Data
This page provides best practices on how to handle, store and dispose sensitive data.

System Administration
List of best practices for departmental e-mail and file servers.

Wireless Security
LSU has implemented a Protected Extensible Authentication Protocol (PEAP) authentication scheme for its wireless network. Utilizing PEAP provides increased security by allowing password-based authentication to the LSU wireless network over an encrypted channel. LSU’s PEAP solution provides two methods of authentication: single sign on (SSO) and PAWS authentication. This document details the requirements for utilizing the SSO method and describes the options for users that chose not to utilize it.