New Workstation Security Standards

Most workstations used for University-related activities will be affected.

The latest University Information Security Policy, approved by the Board of Regents in July, 2019, includes changes that will affect most the workstations used for University-related activities, including teaching and learning, research, and outreach.

How Workstations and Devices are Affected

The security policy references 16 security standards that address various areas of data security, including the Systems and Device Management Standard regarding workstation security. As it states:

University systems and devices must be deployed and maintained to an appropriate level, based on the data stored on or accessed through them. Some systems and devices must meet legal, regulatory, or contractual agreements related to their configuration and management.

Some of the relevant security controls within this standard include:

  • Management by an IT Service: Identifies where management by an IT service (such as Active Directory (AD) or JAMF) is required.
  • Configuration: Defines the baseline security controls for configuring a system or device, including removing software that is no longer supported by the vendor (i.e., Windows 7) and using industry-standard strong encryption.

How to Comply

To assist units in securing workstations to meet these standards, ITSS has developed 3 Steps to Secure Computers. The steps are:

  1. Enroll your device in AD (Windows) or JAMF (Mac):
    Managed devices receive automatic security updates for the operating system and many business applications. They also provide easier access to shared drives and network printing.
  2. Update your OS:
    Currently supported operating system (OS) are Mac OSX 10.13.6 or higher, Windows 8.1 Enterprise and Windows 10 Education.
  3. Encrypt the data on your device:
    Encryption secures the data on your device in the event it is lost, stolen or compromised.

For details, consult 3 Steps to Secure Computers.