Bit9 is an application control product that allows departments to monitor and control application execution on systems.
Security
Services and tools that safeguard the University’s computing resources and data. University IT provides services such as desktop configuration, mobile device management, authentication systems, antivirus software, firewalls, and network monitoring.
BigFix protects your computers with automatic security updates for operating systems and other popular software.
See BigFix Patch Management.
To ensure devices that can access Stanford data are only used by identified people, you need to complete a simple enrollment process. Enrollment associates your identity (that is, your SUNet ID) with each of your devices, and will eventually allow you to manage them.
The Secure Email service is designed for members of the Stanford community who plan to use email to transmit Protected Health Information (PHI) in accordance with the HIPAA guidelines. The most frequent use of this service will be from the Stanford School of Medicine.
The Stanford Whole Disk Encryption service is for both Windows and Macintosh desktop and laptop computers. This service will secure data using standard NIST-approved encryption of the computer hard disk. Once installed, all files are automatically encrypted. The data is protected at rest as long as the hard disk is password protected.
If you have a computer that is unable to comply with Stanford’s security requirements, you can apply for a temporary exception.
Endpoint Compliance Reports provide information to system and department administrators, local desktop support, and management to monitor compliance of the devices that connect to the Stanford network.
OSSec is a file integrity monitoring application that records changes to a server's file system to help detect and investigate an intrusion or change.
Identity Finder finds Prohibited Data that may be hiding in your computer without your knowledge.
Borrow an iPad when traveling to a high-risk country to reduce your exposure to data and identity theft.
The Managed Antivirus service provides the ability for technical support groups on campus to manage and monitor Sophos Anti-Virus clients installed on the Windows and Mac systems in their areas.
Managed Desktop enables departments to centrally manage their desktop computers using automated processes. This service is available for both Windows and Macintosh desktop computers.
Mobile Device Management (MDM) enables you to manage your mobile device through Stanford's web-based tool, and configures a profile that gives you secure access to internal systems while protecting the data on your device.
My Devices lets Stanford affiliates look up the devices associated with them and see whether the devices are verifiably encrypted.
Splunk software is used for searching, monitoring, and analyzing machine-generated big data via a web-style interface.
Qualys Vulnerability Scanner finds security vulnerabilities in web applications and other network services and helps you remediate them.
Secure Device Management provides services and tools to meet Stanford's security requirements for computers, smartphones, and tablets.
An SSL certificate is a signed electronic guarantee that verifies the authenticity of a particular server. It's used for providing web pages through an encrypted connection. Any service accessible by SSL must have a certificate, including any web server with encrypted or “secure” content.
See Operational Intelligence Software (Splunk)
See Secure File Storage.
VLRE provides encryption verification without requiring BigFix. VLRE is a read-only application that periodically reports on the computer's encryption status and screensaver password status, leaving maintenance of the computer entirely to the user.
Stanford’s VPN service allows any Stanford affiliate to connect to SUNet remotely from any available network connection almost anywhere in the world: including from home, from many hotels, and even from within some company networks.
