Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.
Substantive Change: University Data Protection Standard
Last modified
August 11, 2023 - 11:04am
Post date
January 11, 2023 - 4:56am
The standard, University Data Protection Standard, removed the two exceptions, one for vulnerability scanning (Exception 268) and one for periodic scanning for Highly Sensitive Data (HSD; Exception 230). The requirement for periodic scanning for HSD was removed in the Highly Sensitive Data Protection Standard for Individual-Use Electronic Devices or Media standard. Technical requirements, including whole disk encryption for individual-use devices on the HSVPN, replaced the requirement for periodic scanning for HSD on such devices.
The requirement for networked-device vulnerability scans must be performed and remediated per the requirements in the Security of Network Connected Devices standard
Reviewing carefully the revised standard is highly recommended.