Minimum Security Profile for Supported Computers

Overview

To ensure the effective support, security, and maintenance of the computers used by faculty and staff, the University Information Security Office (ISO) has established minimum security requirements for all computers used for University business.

ISO Standards

Standard	Description

Standard	Description
Account and Directory Standards	All computers shall use Austin Active Directory managed user accounts. UT-IRUSP Standard 4: Access Management > (4.1.1 - 4.1.3)
Application Patch Management Standards	Core applications shall be regularly patched. ISO Minimum Security Standards For Systems > System Hardening > (4.5.1 - 4.5.3)
Backup Standards	All computers shall be configured to be backed up via UTBackup services. ISO - Minimum Security Standards For Backup Systems > (4.1.1 - 4.1.3)
Computer Naming Standards	All managed computers shall adhere to the Computer Naming Standard. UT-IRUSP Standard 19: Server and Device Configuration Management > (19.2.4)
End User Administrative Accounts	User accounts shall be configured as non-administrator accounts. Users with and administrator privileges must comply with best practices for the usage of that account. UT-IRUSP Standard 5: Administrative/Special Access Accounts > (5.8.1 - 5.8.4.2)
IT Staff Administrative Account Standards	All computers shall have an administrative account configured for usage by technical support staff. Anyone using accounts with elevated access privileges of this type must adhere to the UT-IRUSP access requirements. UT-IRUSP Standard 5: Administrative/Special Access Accounts > (5.1 - 5.8.4.2)
Encryption Standards	All computers shall be encrypted. UT-IRUSP Standard 11: Safeguarding Data > (11.3.1 -11.3.2.1)
Operating System Standards	All computers shall have an Operating System that is supported by the vendor, and updated to the current patch release. Standards For Systems > System Hardening > (4.5 - 4.5.2)
Security Setting Standards	All computers shall have the following security settings implemented: University Warning Banner presented at logon Standards For Systems > System Hardening > (4.5.10) File sharing access disabled Minimum Security Standards For Data Stewardship > Responsibility > (5.3 - 5.3.5.7) 15-minute screen saver with password is required to secure unattended devices UT-IRUSP Standard 15: Passwords > (15.2 - 15.2.5) Firewall Configuration Minimum Security Standards For Systems - System Hardening > (4.5.5)
System Log Standards	All computers shall be configured to provide a minimum of 14 days of system logs. Minimum Security Standards For Systems - Security Monitoring > (4.6.1 - 4.6.4)
Systems Management Tool Standards	All computers shall be enrolled in the appropriate Endpoint Management Platform. UT-IRUSP: Standard 19: Server and Device Configuration and Management > (19.3.1)
Vulnerability Management Standards	All computers shall have the Nessus vulnerability agent installed. Minimum Security Standards For Systems - Vulnerability Management > (4.7.1)
Virus and Prohibited Software Standards	All computers shall have Defender for Endpoints installed and enabled. University computers shall be compliant with ISO prohibited technology and covered applications policy. Minimum Security Standards For Systems - Computer Virus Protection > (4.3. - 4.3.4) Prohibited Technology and Covered Applications

Date	Action	Implementer

Date	Action	Implementer
2025-03-03	Policy Update: policies have been verified as current. Migration: Article migrated to the LAITS public space for enhanced accessibility.

LAITS - Liberal Arts ITS Public Wiki

Minimum Security Profile for Supported Computers

Overview

ISO Standards

Related content