Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

An endpoint is defined as any laptop, desktop, or mobile device.

...

STANDARDS

RECURRING TASK

WHAT TO DO ?

LOW RISK

MODERATE RISK

HIGH RISK

Patching

Apply security patches within seven days of publish. Use a supported OS version.

Whole Disk Encryption Desktops


Enable FileVault2 for Mac, BitLocker for Windows. Install MDM on mobile devices.


Whole Disk Encryption Mobile Devices


Enable FileVault2 for Mac, BitLocker for Windows. Install MDM on mobile devices.

Malware Protection and Intrusion Prevention


Install antivirus (Symantec End Protection (SEP) recommended).

Backups

 ✔

Back up user data at least daily. Encrypt backup data in transit and at rest.

Inventory

Review and update records quarterly. Maximum of one node per record.

Configuration Management

TBD

Regulated Data Security Controls

Implement PCI DSS, HIPAA, FISMA, or export controls as applicable.

 ✔

Two-factor Authentication

Require two-factor authentication for interactive user and administrator logins.

Security Training

Complete annual Secure the Human Training.

 ✔

...