To help ensure the security of University data, all workstations must be secured according to the standards listed below.
- University-owned Windows workstations must be managed through the University's Active Directory system.
- Each computer object must be located in the appropriate AD container.
- Each system must be joined to the domain.
- Basic security settings must be enforced by technical policy.
- Local firewall must be turned on.
- Patching must be enforced.
- Local account passwords must meet the University's standards for length and complexity.
- Antivirus software must be installed and kept current.
- For University owned systems, the departmental IT professional must keep an inventory including serial number and owner information.
- Users must authenticate to the device using a centrally managed authentication service. They must use a named account, not a generic resource account, for authentication purposes.
- Windows workstations must have the "Shared Documents" folder disabled.
- For Windows workstations, users must rename the Administrator account and disable the guest account.
- Exceptions to these standards must be approved by the campus ISO and will be reevaluated on a periodic basis.