An endpoint is defined as any laptop, desktop, or mobile device.

Follow the minimum security standards in the table below to safeguard your endpoints. NOTE: All personally owned endpoints that are use to access (store or transmit) University data are required to adhere to these Minimum Security Standards. 

PatchingApply security patches within seven days of publish. Use a supported OS version.
Whole Disk Encryption Desktops Enable FileVault2 for Mac, BitLocker for Windows. Install MDM on mobile devices.

Whole Disk Encryption Mobile Devices
Enable FileVault2 for Mac, BitLocker for Windows. Install MDM on mobile devices.
Malware Protection and Intrusion Prevention
Install antivirus (Symantec End Protection (SEP) recommended).
Backups Back up user data at least daily. Encrypt backup data in transit and at rest.
InventoryReview and update records quarterly. Maximum of one node per record.
Configuration Management TBD  
Regulated Data Security Controls Implement PCI DSS, HIPAA, FISMA, or export controls as applicable.   
Two-factor Authentication

Require Duo two-factor authentication for interactive user and administrator logins.

Security TrainingComplete annual Secure the Human Training. 

Short URL to this page: 

Related articles

Related articles appear here based on the labels you select. Click to edit the macro and add or change labels.

Related issues