Page
1
of
4
DMS Policy No.
IT
-
09
-
104
Managing OS, Security, and Virus Updates
DEPARTMENT OF MANAGEMENT SERVICES
ADMINISTRATIVE POLICY
TITLE:
Managing Operating System
,
Security
, and Virus
Updates
POLICY
NUMBER
IT
-
09
-
104
EFFECTIVE:
November 1, 2009
REVISED:
PURPOSE
DMS recognizes the importance of ensuring our computers (servers, desktop
computers, laptops, etc.) are kept up to date with operating system patches, other
security patches, and virus recognition files and software updates
.
This policy covers
minimum ac
tivities and scheduling associated with this need.
SCOPE
This policy is applicable to all DMS employees
. Carrying out this policy is the
responsibility of the DMS LAN and Desktop Support Team
.
IT pertains to ensuring
the application of security updates
and virus detection files and software in a timely
manner.
AUTHORITY
Florida Statute 282.318
DISTRIBUTION
The following individuals
should be notified of this
policy
Method of notification
DMS IT, Division of
Retirement IT, Division of
Telecommunica
tions
Engineers, Print shop Mac
users
䑥Da楬ed v楥iy⁉nfo牭a瑩tn⁓e捵物瑹⁍ nager
A汬⁄ S⁅mp汯lees
䥮fo牭a瑩tn⁓e捵物瑹⁁wa牥re獳⁔牡楮楮i
䑍S⁗eb楴
䑍S⁅e捵瑩te⁌eade牳桩r
Executive Leadership meetings
Page
2
of
4
DMS Policy No.
IT
-
09
-
104
Managing OS, Security, and Virus Updates
DEFINITIONS
Word/Term
Definition
PC
A
computer used as a personal computer. This includes
desktop computers and laptops/notebooks.
Server
A computer with power, memory, and architecture that
sufficiently allows it to perform processes for many users and
applications.
Computer
Generically u
sed to refer to PCs and servers.
Network Devices
A device used to provide network communications. This
includes, switches, routers, hubs, mini
-
hubs, splitters, wireless
access points, firewalls, network security devices, network
appliances and modem pools
.
OS and Security
Updates
Any operating system
,
system utility
, or
network device
patch
or update that fixes flaws in the system or plugs security gaps
identified, or otherwise enhances security of the system.
POLICY
DMS is committed to
ensuring our
s
ecurity measures and
virus
protection is
adequate in protecting our systems
and data
from threat and abuse. To this end, all
desktop c
omputers, laptops/notebooks,
server
class
computers
, and network devices
connected to the DMS LAN or DMS e
-
mail system, o
r connected to the Florida
Retirement System LAN
will be updated regularly according to this policy with
operating system
, firewall,
and
other
security related updates
. All Windows
-
based
computers
will have
installed
and
active virus detection soft
ware th
at is updated
regularly
according to this policy.
The following are minimum requirements for frequency and steps to ensure
adequate protection for the different types of systems employed by DMS.
1.
The following shall be considered minimum requirements for
PCs and servers
that run
the
Microsoft Windows
OS
and connect to the DMS LAN or e
-
Mail
system
.
a.
OS and Security Updates
:
i.
The Microsoft Update site will be c
hecked once per day for OS
and s
ecurity
updates
and
any available will be
download
ed
to a
server.
ii.
PCs
and servers will be configured to check for these downloads
once per day, and download any available.
iii.
Windows PCs and servers will be configured to apply
downloaded OS and security updates once per week
.
Page
3
of
4
DMS Policy No.
IT
-
09
-
104
Managing OS, Security, and Virus Updates
iv.
Any OS and security updates deemed critical will be
downloaded
immediately, and scheduled to be applied to PCs and servers
within 24 hours if possible.
b.
Anti
-
Virus and Anti
-
Spyware:
i.
Availability of virus and spyware protection software updates and
signature files will be checked for
at the vendor site
once
per
day, and
any found will be
downloaded to all PCs and servers.
ii.
Windows PCs and servers will be configured to run Anti
-
virus
and anti
-
spyware scans once per week.
c.
A procedures document for accomplishing these requirements for OS,
security, anti
-
virus, an
d anti
-
spyware updates
for Windows
-
based
systems
must be maintained by IT management
.
d.
Virus protection software must be approved by the Information Security
Manager, and active on every Windows
-
based computer.
2.
The following shall be considered minimum requ
irements for
PCs and servers
that run Linux or UNIX and connect to the DMS LAN or e
-
Mail system
.
a.
Availability of
OS and security updates
by the vendor
will be
checked
once per month, and
applied to servers.
b.
Updates deemed c
ritical will be
downloaded and
ap
plied imm
ediately
once this level of importance is identified.
c.
A procedures document for accomplishing server OS and security
updates must be maintained by IT management.
d.
The DMS standard PC operating system is Windows. However, some
areas within DMS have
found it beneficial to use Linux on the PC.
Using the non
-
standard OS requires CIO approval. OS and security
updates for PCs (workstations) running Linux are the responsibility of
the user of the PC. Users are required to apply OS and security
updates
once per month. Users are responsible for appl
ying updates
deemed critical im
mediately once this level of importance is identified.
e.
Adherence to these Linux/Unix system and security update
requirements
for PCs
will be monitored through semi
-
annual inspect
ion
of r
andomly selected PCs
.
3.
The following shall be considered minimum requirements for
PCs running the
MAC OS and connect to the DMS LAN or e
-
Mail system
.
a.
The DMS standard PC operating system is Windows. However, s
ome
areas within DMS utilize Mac
PCs
du
e to
the
type of work being
performed. Using the non
-
standard OS requires CIO approval. OS
and security updates for Mac computers are the responsibility of the
user of the PC. Users are required to apply OS and security updates
Page
4
of
4
DMS Policy No.
IT
-
09
-
104
Managing OS, Security, and Virus Updates
once per month. Users ar
e responsible for apply
ing updates deemed
critical imm
ediately once this level of importance is identified.
b.
Adherence to these Mac
OS system and security update requirements
will be monitored through semi
-
annual inspection of randomly selected
PCs
.
4.
The fo
llowing shall be considered minimum requirements for
network devices
connected to the DMS LAN.
a.
Availability of system and security updates will be checked once per
month for all network devices, and applied to the network devices
immediately.
b.
Updates deeme
d c
ritical will be downloaded and applied imm
ediately
once this level of importance is identified.
c.
A procedures document for accomplishing network device system and
security updates must be maintained by IT management.
RESPONSIBILITIES
Individual
or Gro
up
Responsibilities
DMS IT
En獵牥dhe牥r捥⁴o⁴h楳⁰o汩捹o爠偃猠rnd
獥牶e牳Ⱐr捥p琠
fo爠r楶楳ionf⁒ 瑩牥ten琠P䍳nd 牶e牳Ⱐ䑩v楳ionf
Te汥捯mmun楣慴楯i猠sun捯m 牶e牳Ⱐrnd⁌楮i⽕/楸⁐䍳
䑩v楳ionf
剥R楲emen琠䑩牥捴o爠
and⁉T⁍ nagemen琠
Vendor
En獵牥dhe牥r捥⁴o⁴h楳⁰o汩捹o爠r楶楳ion⁐䍳ⰠCnd
獥牶e牳anagedy⁴he⁉Tanagemen琠vendo爮
E獴sb汩獨⁐牯捥du牥猠fo爠r捣cmp汩獨楮i⁰o汩捹 qu楲emen瑳t
a猠s楲e捴cd ⁴he⁰o汩捹.
䑩v楳ionf
Te汥捯mmun楣慴楯i猠
䑩牥捴or
En獵牥dhe牥r捥⁴o⁴h楳⁰o汩c
yo爠r楶楳ionanaged
獥牶e牳nde瑷o牫ev楣敳i
E獴sb汩獨⁰牯捥du牥猠fo爠r捣cmp汩獨楮i⁰o汩捹 qu楲emen瑳t
a猠s楲e捴cd ⁴he⁰o汩捹.
L楮i⽕/楸⁐䌠C獥牳
啮Ue牳瑡ndnddhe牥⁴o⁴h楳⁰o汩捹 n捥牮楮g⁴he楲⁐䌮
Emp汯lee
䝥ne牡氠rwa牥re獳⁴h牯rgh⁉nf
o牭a瑩tn⁓e捵物瑹⁁wa牥re獳s
p牯r牡r
.
䥮fo牭a瑩tn⁓e捵物瑹
Manager
En獵牥汬e捥獳s特⁰a牴re猠snde牳瑡nd⁴h楳⁰o汩捹
䍯汬散Cnd v楥i⁰牯捥du牥猠fo爠rmp汥len瑩tg⁰o汩捩敳c
f牯r⁴hee捥獳s特牯rp献
Mon楴i爠rdhe牥r捥 mi
-
annua汬yfon
-
W楮iow猠s䍳y
牥r楥i楮i⁵pda瑥 g猠snd⽯爠ra瑥献
Enter the password to open this PDF file:
File name:
-
File size:
-
Title:
-
Author:
-
Subject:
-
Keywords:
-
Creation Date:
-
Modification Date:
-
Creator:
-
PDF Producer:
-
PDF Version:
-
Page Count:
-
Preparing document for printing…
0%
Comments 0
Log in to post a comment