Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows 7 Update and Security Recommendations Committee Review.

Published byMelvyn Justin Bryan Modified over 8 years ago

Similar presentations

Presentation on theme: "Windows 7 Update and Security Recommendations Committee Review."— Presentation transcript:

1 Windows 7 Update and Security Recommendations Committee Review

2 Revised Timelines 2 Medical Center Campus

3 Applications Update Estimated date of completion for remaining applications: 2/14/14

4 Applications Requesting Exception UCSF Security Exception Request Form developed for non- compatible applications and hardware: http://it.ucsf.edu/sites/it.ucsf.edu/files/security_exception_request_v1.5_0.pdf http://it.ucsf.edu/sites/it.ucsf.edu/files/security_exception_request_v1.5_0.pdf Applications submitted for exception: –AMCOM (Operator DB for Patient Info) Connie Standfield, 8 –EndoPRO Cindy Weiner, 75 –EndoPro (APF-Lab) Natasha Komarovskaya –GE Mobile Care Server Paul Jimenez, 30 –GE Patient Data Server Paul Jimenez, 22 –HeartSuite James Cundiff, 4 –Softmed Natasha Komarovskaya, 10 –SoftMed 6.5 Ed Mahony –SoftMed Core Messaging Framework Ed Mahony –SoftMed Resource Locking Client Ed Mahony –Vericis [Cardiology] James Cundiff, 4

5 Communications Conduct Desktop Drop Notification for Phase II Clinical Rollout: 2/10/14 Survey early adopter groups for feedback on performance post-upgrade (Lakeshore and Women’s Health Daly City Clinic): 2/13/14 Medical Center Update: 2/7/14 Manager’s Weekly: 2/10/14 Ideas from the project team: –Easily identifiable outfit for morning after Field Walkers –Quick view stickers: green (upgraded), orange (issue), red (exception)

6 Security Recommendations Current State No current domain level GPO (Group Policy Object) with local security settings Users that receive UCSFMC imaged laptops are set to have local admin access by default.

7 Risk Local admin access –Malware –Phishing\credential theft –Installing unauthorized\potentially malicious software –Potential software licensing issues –Unauthorized removal of software –Unauthorized system configuration changes

8 Risk No baseline GPO –Overall this is not best practice –Many low impacting settings that can have a positive affect on our security posture

9 IT Security Recommendations Local admin access –No local admin access as default user configuration Principle of Least Privilege Group policy object settings Based on USGCB (US Government Configuration Baseline) –Local Windows settings 17 GPO settings –Internet Explorer settings 5 GPO settings

10 Impact No local admin access –Users will be unable to install and update some software –Potentially increased support calls to install software and make other needed configuration changes –Self support at home GPO settings –Each setting has its own inherent impact

11 Mitigations to Minimize Impact Local admin access –Beyond Trust Power Brokers Desktop (Privilege Manager) –Software Center (SCCM) – Self Service Portal In pilot –Exception process\procedure Elevated account request GPO settings –Testing to date has revealed little impact to user productivity

12 Questions

Download ppt "Windows 7 Update and Security Recommendations Committee Review."

Similar presentations

Request Management Mirror-. A random three day sample of Incidents revealed that about 86% of the registered Incidents were legitimate Requests Many other.

Request Management Mirror-. A random three day sample of Incidents revealed that about 86% of the registered Incidents were legitimate Requests Many other.
Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.

Establishing an OU Hierarchy for Managing and Securing Clients Base design on business and IT needs Split hierarchy Separate user and computer OUs Simplifies.
FDCC Implementation Efforts at Idaho National Laboratory Justin Hansen NLIT 2009.

FDCC Implementation Efforts at Idaho National Laboratory Justin Hansen NLIT 2009.
Alberta’s Personal Health Record Platform www. MyHealth. Alberta

Alberta’s Personal Health Record Platform www. MyHealth. Alberta
Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.

Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.
ISV Partner Alliance Value Policy Policy Management for Microsoft® System Center.

ISV Partner Alliance Value Policy Policy Management for Microsoft® System Center.
Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.

Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.
Windows 7 Project and Heartbleed Update Sian Shumway Director, IT Customer Service.

Windows 7 Project and Heartbleed Update Sian Shumway Director, IT Customer Service.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Windows XP Service Pack 2 Deployment Dave Lee West Campus.

Windows XP Service Pack 2 Deployment Dave Lee West Campus.
How PNNL Manages Windows Desktops 1 Will Jorgensen.

How PNNL Manages Windows Desktops 1 Will Jorgensen.
Windows XP Professional Deployment and Support Microsoft IT Shares Its Experiences Published: May 2002 (Revised October 2004)

Windows XP Professional Deployment and Support Microsoft IT Shares Its Experiences Published: May 2002 (Revised October 2004)
Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.

Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.
OIT's Unity Labs Active Directory Windows Environment.

OIT's Unity Labs Active Directory Windows Environment.
Module 8: Implementing Administrative Templates and Audit Policy.

Module 8: Implementing Administrative Templates and Audit Policy.
PC Manager Meeting January 25, 2006. Today Updates –Next Meeting –Meeting Maker Upgrade –Windows Policy –Training –Licensing –Security –Tool Of The Month.

PC Manager Meeting January 25, Today Updates –Next Meeting –Meeting Maker Upgrade –Windows Policy –Training –Licensing –Security –Tool Of The Month.
Microsoft ® Official Course Module 9 Configuring Applications.

Microsoft ® Official Course Module 9 Configuring Applications.
PlanningMigrationConfigurationDeploymentOperations.

PlanningMigrationConfigurationDeploymentOperations.
Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.
Chapter 8 Hardening Your SQL Server Instance. Hardening  Hardening The process of making your SQL Server Instance more secure  New features Policy based.

Chapter 8 Hardening Your SQL Server Instance. Hardening  Hardening The process of making your SQL Server Instance more secure  New features Policy based.

Similar presentations

Ads by Google