Skip to content Skip to site navigation Skip to service navigation

ISO Position Papers

This page contains documents that outline ISO's position on a number of security-related topics. These are not university policies, but can be referenced during decision making processes.

Published Positions


Topics for Future Papers
The following are topics for which ISO may generate a position paper in the future. If you have an idea for a position paper topic, please feel free to reach out to Michael Timineri (timineri @

  • 2-factor authentication (fail-safe versus fail-open)
  • Ad-blockers
  • Bulk mailings from 3rd party tools
  • Faculty and grad students managing servers
  • Management of printers and other embedded devices
  • Recommended SSL/TLS Cipher Suites 
  • RFC 1149 - The Transmission of IP Datagrams on Avian Carriers
  • Secret Management in automation
  • Security products from companies with significant foreign ownership (Kaspersky… etc) 
  • Security.txt file
  • Usage of Yubikeys
  • Use of bastion hosts
  • Use of external penetration testers
  • Use of IPMI and other remote server consoles
  • Use of non-Stanford owned devices for Stanford business
  • Use of non-Stanford staff for the management of High risk servers
  • Use of password managers
  • Use of SNMP 
Last modified April 22, 2019