-
UIT Help Center
Chat Live Chat
Email support@uh.edu
Submit a help form
Call 713-743-1411
Visit the Tech Commons-
Policies and Guidelines
Departmental IT Best Practices - Desktop and Server Security
Last Updated: April 15, 2011
Reviewed: January 11, 2010
Reviewed: January 11, 2010
- Who does it apply to?
- Departmental Management
- Why is it important?
- To minimize security vulnerabilities and ensure confidentiality, integrity, and availability of information resources.
Practices
Securing Equipment
- What is it?
- Ensuring physical assets are secure.
- WHAT NEEDS TO BE DONE:
- Ensure the physical security of university hardware, software and data.
Existing Guideline(s):
Monitoring Systems
- What is it?
- Monitoring computer system logs for unusual activity.
- WHAT NEEDS TO BE DONE:
- Monitor systems daily to detect unusual system activity. Report unusual activity to appropriate personnel.
Existing Guideline(s):
Updating Software
- What is it?
- Maintaining current application and operating system software to minimize security vulnerabilities.
- WHAT NEEDS TO BE DONE:
- Install the latest software versions, patches, and updates in a timely manner.
Existing Guideline(s):
- MAPP 10.03.01: Computer User Responsibilities (addresses physical updates, not software updates)
- MAPP 10.03.02: "Computer and Network Security"
- IT Reference Guide: "Logical Security; C. Data and Software Availability"
- UH IT Cyber Security Guidelines, A.6
- Government Code, Chapter 2054, "Information Resources, General Provisions"
- IT Support Standards: "Software Installation and Upgrades"
- IT News: Microsoft Windows and McAfee VirusScan Checkup
Protecting Against Viruses
- What is it?
- Protecting computer systems from viruses.
- WHAT NEEDS TO BE DONE:
- Install, use, and maintain up-to-date anti-virus software.
Existing Guideline(s):
- IT Reference Guide: "Logical Security; E. Local System Protection, 2. Viruses"
- IT Support Standards: "Viruses"
- IT Support Standards: "Software Support"
- IT News: Microsoft Windows and McAfee VirusScan Checkup
- IT Security Manual: "Technical Security Requirements," Appendix B ("Data Classification Levels")