Computer and Endpoint Security Requirements

Introduction 

As part of a broader IT Strategic Plan, the University is taking purposeful steps to protect our campus IT infrastructure from ransomware and other destructive cybersecurity attacks.

1. Policy Statement 

All computers and other endpoints that connect to Princeton’s secure network must comply with the requirements of the University’s cybersecurity protocols. 

2. Who Is Affected By This Policy 

This Policy applies to all University students, faculty, and staff. It also applies to all other individuals and entities granted use of the University’s IT Systems, including, but not limited to, contractors, temporary employees, and volunteers (collectively, “Users”).  

3. Definitions 

Endpoint: A computer or other device that connects to the University network. 

Cybersecurity Protocols: A set of rules, processes and controls that direct how computers are managed to ensure the overall security of the University’s IT systems and data.  

Approved Departmental IT Security Plan: A documented plan approved by the Information Security Office that describes the actions taken to ensure devices comply with university's cybersecurity protocols. 

Endpoint Management Security Program: A set of software, processes and controls managed by the Office of Information Technology, that protects devices attached to the University’s network from being exploited in cybersecurity attacks.

4. Policy 

Due to the increased risk in ransomware attacks and other cybersecurity threats, computers must be appropriately secured to connect to the University’s network.  While the methods of securing a computer may differ depending on the device type and use, the intent is to make sure all endpoints that connect to the University network are secure and well-protected through participation in the University’s Endpoint Management Security Program or through an approved departmental IT Security Plan. 

5. Related Policies 

 

Policy Title: Computer and endpoint security requirements

Responsible Executive(s): Vice President for Information Technology and Chief Information Officer, Daren Hubbard

Responsible Office(s): Office of Information Technology, Information Security Office

Contact(s): David Sherry, Office of Information Technology 

Effective Date: May 10, 2023

First version: May 10, 2023 

Last Update: n/a