Patches must be tested prior to installation in the production environment. If technology does not permit, a security exception must be submitted. There must be a test environment for evaluating system changes and updates, and for conducting potentially destructive security assessments, as technology permits. There must be a change management process for systems configuration. Systems administrators must maintain documented restoration procedures for systems and the data on those systems. System administrators should establish and follow a procedure to carry out regular system backups.īackups must be verified at least monthly, either through automated verification, through customer restores, or through trial restores. ♻ : A recurring task this should be automated when possible Instead, these requirements should be integrated into a comprehensive security plan for the system or service. These minimum standards exist in addition to all other university policies and federal and state regulations governing the protection of the university’s data.Ĭompliance with these requirements does not imply a completely secure system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |