Minimum Security for Endpoints

Standards | What to do | Low Risk System | Moderate Risk System | High Risk System |
---|---|---|---|---|
Patching |
Apply security patches 48 hours:
Use a supported OS version. |
X | X | X |
Whole Disk Encryption |
Enable FileVault2 for Mac, BitLocker for Windows.
Install MDM on mobile devices. |
X | X | X |
Malware Protection | Install Symantec Anti-Virus | X | X | X |
Centralized Logging | Forward logs to UIS Splunk. | X | X | X |
Backups | Back up user data at least daily. University IT Code42 CrashPlan is recommended (option to set personal password). Encrypt backup data in transit and at rest. | X | X | |
Inventory | Review and update Snipe-IT records quarterly. Maximum of one system per record. | X | X | X |
Configuration Management | Install Tanium Client. | X | X | X |
Regulated Data Security Controls | Implement PCI DSS, HIPAA, or export controls as applicable. | X |