| Standards | What to do | Low Risk System | Moderate Risk System | High Risk System |
|---|---|---|---|---|
| Patching | Apply security patches within 48 hours:<br>- CVSS > 7<br>- Qualys > 3<br>- Vendor "Critical"<br>- Remotely Exploitable<br><br>Other patches within 14 days.<br><br>Use a supported OS version. | ✓ | ✓ | ✓ |
| Whole Disk Encryption | Enable FileVault2 for Mac, BitLocker for Windows.<br><br>Install MDM on mobile devices. | ✓ | ✓ | ✓ |
| Malware Protection | Install Symantec Anti-Virus. | ✓ | ✓ | ✓ |
| Centralized Logging | Forward logs to UIS Splunk. | ✓ | ✓ | ✓ |
| Backups | Back up user data at least daily. University IT Code42 CrashPlan is recommended (option to set personal password). Encrypt backup data in transit and at rest. | | ✓ | ✓ |
| Inventory | Review and update Snipe-IT records quarterly. Maximum of one system per record. | ✓ | ✓ | ✓ |
| Configuration Management | Install Tanium Client. | ✓ | ✓ | ✓ |
| Regulated Data Security Controls | Implement PCI DSS, HIPAA, or export controls as applicable. | | | ✓ |