Skip to content

User Device Security

Endpoint Protection

All user devices must be protected from malicious software and content using software installed on the device. This includes:

  • Application Control by allow-list or block-list applications allowed to execute on the device.
  • Protection from malicious code by preventing spy-ware, ad-ware, and viruses through heuristics and real time scanning.
  • Web content by blocking sites that are known to spread malicious code, compromise privacy, or classified as being a risk by industry security organizations.

Software Patching

All devices will be kept up to date with the latest developer recommended versions of software including, but not limited to, security updates to the operating system.

Macbooks: Software updates must be applied within two weeks of their release. Major OS updates will be coordinated within one year of its release date.

iOS: iOS Devices will be updated to the latest minor version automatically upon release from Apple. Major upgrades to iOS will be updated automatically after thorough testing.

Backups

Users that have a mobile device (iPad/Laptop) are responsible for maintaining their own device backups. OIT will not be responsible for lost data on a device that has not been properly backed up. OIT will provide the end-user with the tools or hardware required to keep the device backed up.

Current Backup Recomedations:

  • iOS devices will backed up using iCloud by the user.
  • Laptops will be backed up to encrypted external hard drives or using OneDrive.

Disk Encryption

Devices that are owned by users that have access to sensitive information must have full disk encryption.
All external drives used for backups must also be encrypted. All devices owned by all Faculty and Staff must have full disk encryption. This includes desktops, laptops, iOS devices, and external drives.