Body
To help ensure the security of University data, all workstations must be secured according to the standards listed below unless a more stringent regulatory requirement is applicable.
Requirements
- University-owned Windows workstations must be managed through the University's Active Directory System.
- Each computer object must be located in the appropriate AD OU.
- Each workstation must be joined to the domain.
- University-owned Windows workstations must have the local administrator account renamed and any guest accounts disabled.
- Basic security settings must be enforced by local or domain level policy.
- Security patching must be enforced and performed on a regular basis.
- Local account passwords must meet.
- Local firewall must be turned on.
- Automatic locking of workstation after idle timer expires.
- Anti-virus software must be installed and definitions kept current.
- For university-owned systems, the IT department must maintain an inventory including serial numbers and owner information.
- Exceptions to these standards must be approved by the campus ISO and will be re-evaluated on a periodic basis.