Minimum Security for Endpoints
| Standards | What to do | Low Risk System | Moderate Risk System | High Risk System |
|---|---|---|---|---|
| Patching |
Apply security patches 48 hours:
Use a supported OS version. |
X | X | X |
| Whole Disk Encryption |
Enable FileVault2 for Mac, BitLocker for Windows.
Install MDM on mobile devices. |
X | X | X |
| Malware Protection | Install Symantec Anti-Virus | X | X | X |
| Centralized Logging | Forward logs to UIS Splunk. | X | X | X |
| Backups | Back up user data at least daily. University IT Code42 CrashPlan is recommended (option to set personal password). Encrypt backup data in transit and at rest. | X | X | |
| Inventory | Review and update Snipe-IT records quarterly. Maximum of one system per record. | X | X | X |
| Configuration Management | Install Tanium Client. | X | X | X |
| Regulated Data Security Controls | Implement PCI DSS, HIPAA, or export controls as applicable. | X |