Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Standard

advertisement 
Standard
Effective Date
June 15, 2013
Chapter Name
Security
Chapter Number
8.14.S.1
Date of Last Revision
June 15, 2013
Title
Desktop and Laptop Security Standard
1.0 Purpose
This standard establishes baseline security configuration for all desktop and laptop devices owned by, leased to, or
deployed by DoIT. This standard does not cover devices owned by or leased to private individuals, contractors,
students, etc.
2.0 Governing Policy
Number/Document Name
8.14 Desktop and Laptop Security
8.10 Data Encryption Policy
Effective Date
November 14, 2012
3.0 Standard
Systems deployed by DoIT must conform to the standards listed below:
•
•
•
•
•
•
Systems must be running an operating system from the list of supported operating systems that can be
found on the IT Help Desk Minimum Support Standards web site.
Systems must be promptly updated with the latest patches and updates. Any appropriate method may be
used to test and deploy these patches, including but not limited to Windows Update, SCCM, or WSUS.
Appropriate Anti-Virus/Anti-Malware must be installed and kept current.
It is recommended that all systems be configured to use Active Directory or similar appropriate systems for
user authentication and management. Users are required to use DoIT provided authentication to access any
networked resource. Users may be given Administrator/Root or similar access to systems expressly issued
to them for daily use. The use of local or guest accounts is not recommended.
Systems containing sensitive material will have the appropriate encryption software installed and
configured as per the Data Encryption Policy.
DoIT will create and maintain standardized images for use on appropriate university desktops and laptops.
Exceptions:
•
•
Exceptions will only be granted on a case-by-case basis and only upon approval by CIO or designate. An
appropriate business case must be made for deviating from this standard, with mitigation plans provided.
Systems deviating from this standard may not be supported by DoIT, and may be isolated from EMU
networking resources at any time without notice.
4.0 Responsibility for Implementation
The Chief Information Officer is responsible for the implementation of this policy.
5.0 Definitions
Term
IT Standard
Form Version 3.0
Definition
Page 1 of 2
6.0 Revision History
Description
Approved by CIO
IT Standard
Approval Date
June 15, 2013
Page 2 of 2
Related documents
Example: Communications Strategy
Example: Communications Strategy
Policy
Policy
STANDARD
STANDARD
Technical Architecture Review Form
Technical Architecture Review Form
Procedure
Procedure
Policy
Policy
Policy
Policy
Recombinant Human DOK6 protein ab165951 Product datasheet 1 Image Overview
Recombinant Human DOK6 protein ab165951 Product datasheet 1 Image Overview
Single User Email Form
Single User Email Form
Procedure 8.15.P.1 Access Control – DoIT Systems Privileged Access Request
Procedure 8.15.P.1 Access Control – DoIT Systems Privileged Access Request
Anti-DOK6 antibody ab72730 Product datasheet 2 Images
Anti-DOK6 antibody ab72730 Product datasheet 2 Images
Application software assignment
Application software assignment
Download
advertisement