Scribd
Upload
69 views

JD Computer Protection Policy

This policy outlines computer protection requirements for Beckett University's servers and user devices. It requires that all endpoints be protected by a site-level firewall that blocks external communication by default. Internet-facing servers must be hardened and isolated on a DMZ network. Operating systems and applications must be regularly patched according to schedules. All desktops and laptops must have centrally managed antivirus software installed, while servers require antivirus or other host protection as appropriate. Connections between servers should be secure or encrypted where possible.

Uploaded by

Ulises Isaac Santana
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
69 views

JD Computer Protection Policy

This policy outlines computer protection requirements for Beckett University's servers and user devices. It requires that all endpoints be protected by a site-level firewall that blocks external communication by default. Internet-facing servers must be hardened and isolated on a DMZ network. Operating systems and applications must be regularly patched according to schedules. All desktops and laptops must have centrally managed antivirus software installed, while servers require antivirus or other host protection as appropriate. Connections between servers should be secure or encrypted where possible.

Uploaded by

Ulises Isaac Santana
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

LEEDS

BECKETT UNIVERSITY

IT Services
Computer Protection Policy
__________________________________________________________________
1. Introduction
1.1. This policy will define how University-controlled end-point devices servers and user devices - are
protected from security vulnerabilities. It includes appropriate technical and procedural controls to
reduce risk and meet the requirements of other University IT Security Policies.

2. Scope
2.1. This policy defines the basic protection that should be applied to computers, including desktop
PCs, laptops and servers owned and controlled by the University.
2.2. It does not preclude additional protection methods appropriate to specific installations and
applications.
2.3. This document includes statements on:
2.3.1.Host firewall implementation and configuration
2.3.2.Operating System and application patching
2.3.3.Host protection (e.g. Anti-virus, rootkit detection, HID/PS) systems.

3. Firewall implementation and configuration


3.1. Subject to provisions within the Network Management Policy, all University endpoint devices are
protected behind a site-level firewall. Communication through this firewall is blocked by default.
Only authorised exceptions are permitted, to allow communication through it.
3.2. Internet-facing servers requiring greater access should be security hardened and connected to an
alternative managed network (known as a DMZ) and not subject to the site-firewall restrictions.
Any such connection should be subject to the usual change control and authorisation process.
3.3. All other access should be made through proxy servers or VPN connections. Any firewall rule
changes must be appropriately authorised using the change control process and carried out by
appropriately qualified and authorised personnel.
3.4. All servers will be configured with appropriate server firewalls rejecting external connections other
than those either specifically authorised for the particular application or covered under the
appropriate server-build standards. Other servers will be configured with server firewalls if
appropriate to the application and under the same conditions.
3.5. Desktop computers and laptops are not configured with firewalls.

4. Operating System and application patching


4.1. Operating systems should be patched at regular intervals as agreed with IT Services management
and the appropriate service owners. Where appropriate this process should be automated.
4.2. Applications should be patched/updated as advised by the vendors and to timescales agreed with
the service owners.

5. Host Protection Systems.


5.1. All desktop and laptop computers will be installed with appropriate anti-virus software where
available which should be centrally controlled/managed and automatically updated.
5.2. Servers should be installed with anti-virus or other applicable host protection software
appropriate to the needs, applications and platform. Any deviation from this policy should be
agreed with IT Services management.
5.3. All connections between servers should be secure or encrypted if possible.

6. Document Approval
Approved by:

Information Governance Steering Group

Approved Date:

19th Dec 2013

Review Date:

January 2017

Reviewer:

Information Governance Steering Group

7. Document History
17/07/13
15/08/14
19/10/15
19/01/16

G Cook, S Buckman, Roland Cross, P Cockcroft Version 1


R Cross Name Change update Version 2
S Buckman PREVENT and IT Service Update Version 3
A Orde Annual Review Version 4

Page 2 of 2

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy