In response to campus feedback, OIT has revised the Endpoint Protection Standard (EPS, RUL 08.00.18), initially published in May 2018. In addition to improving user-friendliness, OIT has modified the EPS rule based on how NC State employees actually perform their jobs.
This EPS explains the minimum security precautions to protect university data as required by the university’s Computer Use Regulation.
Please review the following changes in the revised standard:
- Accessing red data from endpoints not owned by the university is now permitted; however, storage of red data from these endpoints remains forbidden.
- The term “personally owned endpoints” has been replaced with the term “endpoints not owned by the university” (to include those owned by external entities).
- The entire document is rewritten for easier comprehension.
- Tables are simplified and include links to the glossary from each EPS security control.
- Antivirus and anti-malware security controls are now combined.
- The glossary now has separate sections: EPS Security Controls, Acronyms, and Terms.
- Section 6 (Endpoints not Owned by the University) has clearly delineated subsections:
- 6.1 Accessing University Data
- 6.2 Storing University Data
In addition, please review the following EPS-related pages to understand how they impact you:
- IT Exception Request Form includes improvements as well as the following additional related forms:
- Amendments to previously submitted EPS Exception Requests
- Implementation Plans to request EPS deadline extensions with acceptable justifications and strategies for meeting them
- New EPS Endpoint Inventory Template makes it easy for campus IT support staff to create and upload a spreadsheet of more than five endpoints to modify, add, or delete when submitting EPS Exception Requests, Amendments, or Implementation Plans.
- EPS Implementation (EPS Home Page) has been updated to reflect all EPS changes.
- EPS Phases of Implementation has been updated to address Linux endpoints and mobile security.
- EPS FAQs page has been updated to reflect all EPS changes.
- Configuration Management Systems at NC State remains unchanged.
Finally, the Phase 1 implementation deadline is Sunday, June 30, 2019. If you need help meeting this deadline, please contact the NC State Help Desk at firstname.lastname@example.org or 919.515.4357 (HELP).