University Baseline Secure Computing Standards
Dec 17, 2024
Information Strategy and Services (ISS) in partnership with Denver Office of Information Technology (OIT) has developed ten Baseline Secure Computing Standards. The Baseline Secure Computing Standards apply to all university-owned* devices used by faculty, staff, students and other authorized individuals connected to the CU network. This includes all workstation computers such as desktops and laptops. These Standards were developed to support the university in its mission to comply with the Administrative Policy Statement (APS) 6005 IT Security Program as well as other CU IT Policies and CU Systemwide Baseline Security Standards.
Why are these Standards necessary?
Together, these standards are designed to improve computer performance, streamline IT support, and strengthen IT security. These standards are necessary to ensure resource availability, reinforce the university's security and compliance posture, and protect the confidentiality, integrity and availability of data assets. In addition to system improvement, the university is required to meet certain regulations to maintain funding and accreditation. These regulations apply to all higher education institutions and if they are not met it can result in a loss of funding and/or an audit. By implementing these standards, the university is compliant with these regulations which not only secures our standing as an institution but also makes it easier to get grants and additional funding sources.
Meeting these Standards will help protect the work, assets and data of the university including all faculty, staff and students who conduct business and learning on the university domain and university network.
What changes for users with the implementation of these Standards?
Overall, most users won’t notice a difference in how they use their device. However, these standards offer the user many benefits with improved performance, IT support, and security:
- Better performance: machines will run better and last longer because they will be procured, configured and managed consistently.
- Streamlined support: users will be able to get IT support faster and more easily because all devices will be managed. Among other benefits, device management cuts down on troubleshooting time and will provide a clearer path toward resolution.
- Automatic updates: updates can now be automatically pushed out to all devices so that systems will have the latest security patches as well as performance fixes. Departments will be able to control application deployment so that updates will not interrupt workflow. This will take away the burden from the user to install and update applications as those critical security updates will now be centrally managed. You can focus on your job, and we will take care of it for you!
- Increased security: CU Denver and CU Anschutz staff work with a variety of highly confidential data, including FERPA and HIPAA information. It is vital to ensure that this data—and all university data including research and education materials—are securely protected. These Standards, along with vigilance and data security best practices utilized by all users, help achieve that so that you can work with the peace of mind that any assets you work with are protected.
- Increased protection of the university network: Machines that have these standards implemented will be better protected from malicious attacks, unauthorized access and hacking attempts.
- Decreased individual liability: adhering to these standards mitigates your risk of contributing to compromising the university’s information. This protects you as an individual and protects the campus as a whole.
In the past, these services weren’t available to users. Our campus IT departments have worked diligently on our practices, our organization and our support to be able to provide these services across the university. In our commitment to customer service and IT security, we will work with you on securing your devices and implementing these standards. We are happy to meet with you, discuss your unique needs and find secure solutions.
How will these Standards be implemented?
We are collaborating with our IT partners across the CU Denver and CU Anschutz campuses to create an implementation process for applying these Standards to all university-owned devices. Over the next 12 months, your department’s IT support will work with you to ensure your device is compliant with these Standards. All units and departments must work with their designated IT professional(s) to implement these Standards on their university-owned devices to ensure functionality and that the Standards are properly met.
If your unit or department does not have a designated IT professional(s), please reach out to the OIT Service Desk for support.
If you are unsure who your department’s IT support is, please contact the OIT Service Desk and we will assist you in contacting them.
We thank you for taking university IT security and compliance seriously. With your help, we can ensure university compliance with important policies that protect the university’s assets.
If you have any questions, please reach out to the ISS Endpoint Management team.
*University-owned devices are identified as any computing device (desktop, laptop, tablet, etc.) procured with university funds, including grant funding, and used to conduct university business and learning, including research. All university devices are expected to be connected to the university domain.
