2.3 Device & Endpoint Management & Security

quote block

All university-owned devices must meet or exceed the security procedures and standards outlined at https://computers.usu.edu. This includes requirements for device configuration, software updates, and endpoint security controls to protect against unauthorized access, malware, and other threats. Access controls must be implemented on all devices to ensure only authorized individuals can access university-owned or -managed data and resources. Employees are responsible for collaborating with their assigned IT staff to ensure their devices meet these security standards.

The use of personal devices to access university data or conduct university business must be limited to ensure the security, privacy, and integrity of institutional information. Employees are encouraged to utilize university-provided devices and services whenever possible. If personal devices must be used, they must comply with the university procedure, as documented on the Device Management Website.

USU Policy 5200.2.3 quote block

quote block

Related Policies:

Why

This policy is important because devices and endpoints are often the first line of defense against cyber threats and potential breaches. Unsecured devices can serve as entry points for attackers, putting sensitive university data and resources at risk. By enforcing stringent security standards for device management, the university mitigates the chances of unauthorized access, data loss, and other cyber incidents that could disrupt operations or compromise confidential information. Ensuring that all devices meet or exceed these security requirements also helps maintain compliance with various regulatory frameworks and institutional policies.

Furthermore, this policy establishes a shared responsibility model between the university and its employees. While the IT department provides the tools, guidance, and support, it is up to each individual to ensure that their devices are configured and maintained correctly. This collaborative approach helps create a culture of security awareness and vigilance, empowering employees to take an active role in safeguarding university data and IT resources.

How

This policy is implemented through a series of standardized procedures and technical controls, documented at https://computers.usu.edu, that ensure all devices—whether university-owned or personal—are configured securely and kept up-to-date. The process begins with the initial configuration of devices, which must adhere to baseline security standards, including the installation of required software, endpoint protection solutions, and proper network settings. Regular software updates and patches are enforced to mitigate vulnerabilities that could be exploited by malicious actors. Additionally, endpoint security controls, such as antivirus software, firewalls, and encryption, are applied to defend against malware, unauthorized access, and data breaches.

Employees play an active role in this process by collaborating with their assigned IT support staff to confirm that their devices comply with these standards. This includes performing routine compliance checks, implementing recommended security settings, and reporting any anomalies or suspected security issues. Clear guidance and technical support are provided to ensure that users understand the specific requirements for their devices and know how to keep them secure. The result is a consistent, organization-wide approach to device security that reduces risks and enhances overall data protection.