Table of Contents

Server Hardening Checklists

The Information Security Office maintains these pages as a resource for campus IT administrators. For recommended practices for securing servers, select your operating system below:

Multifunction Device Hardening Checklist

This checklist contains multifunction device (MFD) hardening requirements. An MFD is sometimes called a multifunction printer (MFP) or all-in-one (AIO) device, and typically incorporates printing, copying, scanning, and faxing capabilities.

Handheld Hardening Checklists

The hardening checklists are based on the comprehensive checklists produced by the Center for Internet Security (CIS), when possible. The Information Security Office has distilled the CIS lists down to the most critical steps for your systems, with a particular focus on configuration issues that are unique to the computing environment at The University of Texas at Austin.
Handheld Device Operating Systems
Apple iOS Hardening Checklist Google Android Hardening Checklist

Secure Web Application Coding Guidelines

The secure Web application coding guidelines contain best practices and design guidelines for application developers on campus. The checklists are intended to be a concise reference document for developers.
If you have any comments or suggestions, please contact the Information Security Office at

Security Checklist for Hosted IT Services

The security checklist for hosted IT services contains information to assist purchasing project sponsors in addressing risk management, contract review, and ongoing Vendor management, with the goal of minimizing risk to university data. See the change log for a list of changes to this document.

3rd Party Security Assessments Minimum Requirements

Crestron and Room Automation Device Guidelines