- Academic Affairs
- Administration and Finance
- Center for Health and Homeland Security
- Center for Information Technology Services
- Communications and Public Affairs
- Office of Philanthropy
- Government Affairs
- Human Resource Services
- Office of Community Engagement
- Operations and Planning
- Office of the President
- Police and Public Safety
- Research and Development
- University Counsel
Information Technology Policies
UMB IT Patch Management Policy
Applies to Staff
Patch and vulnerability management is a security practice designed to proactively prevent the exploitation of IT vulnerabilities that exist within an organization. The expected result is to reduce the time and money spent dealing with vulnerabilities and exploitation of those vulnerabilities. Proactively managing vulnerabilities of systems will reduce or eliminate the potential for exploitation and involve considerably less time and effort than responding after exploitation has occurred.
All manufacturers of computer operating systems are susceptible to programming flaws that can introduce security risks. Occasionally, one of those flaws permits a hacker to compromise those systems. A compromised computer threatens the integrity of the network and all computers connected to it. Therefore, all systems connected to the campus network must have up-to-date critical security patches applied.
To ensure systems do not pose an unmanaged security risk for the campus, by ensuring applicable and required security patches are applied in a timely and effective manner.
This policy applies to every workstation physically (including wireless) connected to any part of the campus network.
To comply with Section VII, item 1, General Controls of the USM Guidelines in Response to the State IT Security Policy which requires USM institutions to implement formal controls on all institutionally owned systems that store and/or access nonpublic information.
Implement a systematic, accountable, and documented process for managing exposure to vulnerabilities through the timely deployment of patches.