An endpoint is defined as any laptop, desktop, or mobile device.
...
| STANDARDS | RECURRING TASK | WHAT TO DO ? | LOW RISK | MODERATE RISK | HIGH RISK | |||
| Patching | ✔ | Apply security patches within seven days of publish. Use a supported OS version. | ✔ | ✔ | ✔ | |||
| Whole Disk Encryption Desktops | Enable FileVault2 for Mac, BitLocker for Windows. Install MDM on mobile devices. | ✔ | ✔ | |||||
| Whole Disk Encryption Mobile Devices | Enable FileVault2 for Mac, BitLocker for Windows. Install MDM on mobile devices. | ✔ | ✔ | ✔ | ||||
| Malware Protection and Intrusion Prevention | Install antivirus (Symantec End Protection (SEP) recommended). | ✔ | ✔ | ✔ | ||||
| Backups | ✔ | Back up user data at least daily. Encrypt backup data in transit and at rest. | ✔ | ✔ | ✔ | |||
| Inventory | ✔ | Review and update records quarterly. Maximum of one node per record. | ✔ | ✔ | ✔ | |||
| Configuration Management | TBD | ✔ | ||||||
| Regulated Data Security Controls | Implement PCI DSS, HIPAA, FISMA, or export controls as applicable. | ✔ | ||||||
| Two-factor Authentication | Require Duo two-factor authentication for interactive user and administrator logins. | ✔ | ✔ | |||||
| Security Training | ✔ | Complete annual Secure the Human Training. | ✔ | ✔ | ✔ |
...
...
| Live Search | ||||||||
|---|---|---|---|---|---|---|---|---|
|
...