Introduction
As part of a broader IT Strategic Plan, the University is taking purposeful steps to protect our campus IT infrastructure from ransomware and other destructive cybersecurity attacks.
1. Policy Statement
All computers and other endpoints that connect to Princeton’s secure network must comply with the requirements of the University’s cybersecurity protocols.
2. Who Is Affected By This Policy
This Policy applies to all University students, faculty, and staff. It also applies to all other individuals and entities granted use of the University’s IT Systems, including, but not limited to, contractors, temporary employees, and volunteers (collectively, “Users”).
3. Definitions
Endpoint: A computer or other device that connects to the University network.
Cybersecurity Protocols: A set of rules, processes and controls that direct how computers are managed to ensure the overall security of the University’s IT systems and data.
Approved Departmental IT Security Plan: A documented plan approved by the Information Security Office that describes the actions taken to ensure devices comply with university's cybersecurity protocols.
Endpoint Management Security Program: A set of software, processes and controls managed by the Office of Information Technology, that protects devices attached to the University’s network from being exploited in cybersecurity attacks.
4. Policy
Due to the increased risk in ransomware attacks and other cybersecurity threats, computers must be appropriately secured to connect to the University’s network. While the methods of securing a computer may differ depending on the device type and use, the intent is to make sure all endpoints that connect to the University network are secure and well-protected through participation in the University’s Endpoint Management Security Program or through an approved departmental IT Security Plan.
5. Related Policies
Policy Title: Computer and endpoint security requirements
Responsible Executive(s): Vice President for Information Technology and Chief Information Officer, Daren Hubbard
Responsible Office(s): Office of Information Technology, Information Security Office
Contact(s): David Sherry, Office of Information Technology
Effective Date: May 10, 2023
First version: May 10, 2023
Last Update: n/a