PATCH MANAGEMENT POLICY PATCH MANAGEMENT POLICY. Page 1 of 5

Similar documents
PATCH MANAGEMENT POLICY IT-P-016

UMHLABUYALINGANA MUNICIPALITY PATCH MANAGEMENT POLICY/PROCEDURE

Patch Management Policy

Introduction. PCI DSS Overview

Data Management Policies. Sage ERP Online

Policy Title: HIPAA Security Awareness and Training

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014

Managed Antivirus Quick Start Guide

CITY OF BOULDER *** POLICIES AND PROCEDURES

Best Practices for DanPac Express Cyber Security

TECHNICAL VULNERABILITY & PATCH MANAGEMENT

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Title: Security Patch Management

Version: 2.0. Effective From: 28/11/2014

Nessus Agents. October 2015

Executive Summary Program Highlights for FY2009/2010 Mission Statement Authority State Law: University Policy:

HIGH-RISK SECURITY VULNERABILITIES IDENTIFIED DURING REVIEWS OF INFORMATION TECHNOLOGY GENERAL CONTROLS

G/On. Basic Best Practice Reference Guide Version 6. For Public Use. Make Connectivity Easy

ANTI-VIRUS POLICY OCIO TABLE OF CONTENTS

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

Antivirus and Malware Prevention Policy and Procedures (Template) Employee Personal Device Use Terms and Conditions (Template)

TABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY

Managing and Monitoring Windows 7 Performance Lesson 8

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction

Information and Communication Technology. Patch Management Policy

Secondary DMZ: DMZ (2)

LESSON Windows Server Administration Fundamentals. Understand Updates

HoneyBOT User Guide A Windows based honeypot solution

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Vulnerability Audit: Why a Vulnerability Scan Isn t Enough. White Paper

Critical Controls for Cyber Security.

Step-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses

Boston University Security Awareness. What you need to know to keep information safe and secure

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

Check Point and Security Best Practices. December 2013 Presented by David Rawle

IM&T POLICY & PROCEDURE (IM&TPP 01) Anti-Virus Policy. Notification of Policy Release: Distribution by Communication Managers

Web based training for field technicians can be arranged by calling These Documents are required for a successful install:

REMOTE ACCESS POLICY OCIO TABLE OF CONTENTS

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

ms-help://ms.technet.2005mar.1033/security/tnoffline/security/smbiz/winxp/fwgrppol...

MSP Service Matrix. Servers

IT INFRASTRUCTURE MANAGEMENT SERVICE ADDING POWER TO YOUR NETWORKS

Cloud Computing Thunder and Lightning on Your Horizon?

Protecting the un-protectable Addressing Virtualisation Security Challenges

Verve Security Center

Developing A Successful Patch Management Process

Security Controls in Service Management

1. Thwart attacks on your network.

Belmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C.

Patch Management Procedure. Andrew Marriott PATCH MANAGEMENT PROCEDURE.DOCX Version: 1.1

Vulnerability Scanning and Patch Management

Maintaining, Updating, and Protecting Windows 7

Charter Business Desktop Security Administrator's Guide

Patch management with WinReporter and RemoteExec

Consensus Policy Resource Community. Lab Security Policy

SECURITY PATCH MANAGEMENT INSTALLATION POLICY AND PROCEDURES

SYMANTEC ENDPOINT PROTECTION SMALL BUSINESS EDITION

Managed Services Agreement. Hilliard Office Solutions, Ltd. PO Box Phone: Midland, Texas Fax:

Patch Management. FITS OM Directory Services Administration Contents. Key

Software Asset Management (SWAM) Capability Data Sheet

eeye Digital Security Product Training

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

How To Understand What A Virus Is And How To Protect Yourself From A Virus

N-CAP Users Guide. Everything You Need to Know About Using the Internet! How Worms Spread via (and How to Avoid That)

White Paper. How to Effectively Provide Safe and Productive Web. Environment for Today's Businesses

Kaspersky Security. for Virtualization 1.1 and Trend Micro Deep. Security 8.0 virtual environment detection rate and performance testing by AV-Test

Symantec Endpoint Protection Analyzer Report

Using WMI Scripts with BitDefender Client Security

Connecticut Justice Information System Security Compliance Assessment Form

The purpose of this policy is to provide guidelines for Remote Access IPSec or Virtual Private

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003

NAC at the endpoint: control your network through device compliance

The Protection Mission a constant endeavor

MANAGED SECURITY SERVICES (MSS)

New Boundary Technologies HIPAA Security Guide

ICT OPERATING SYSTEM SECURITY CONTROLS POLICY

Computer and Network Security Policy

Olav Mo, Cyber Security Manager Oil, Gas & Chemicals, CASE: Implementation of Cyber Security for Yara Glomfjord

SERVICES BRONZE SILVER GOLD PLATINUM. On-Site emergency response time 3 Hours 3 Hours 1-2 Hours 1 Hour or Less

How To Manage A Patch Management Process

Transcription:

Page 1 of 5

TABLE OF CONTENTS 1. OVERVIEW... 3 2. DEFINITIONS... 3 3. PURPOSE... 3 4. SCOPE... 3 5. POLICY... 4 6. WORKSTATIONS... 4 7. SERVERS... 4 8. ROLES AND RESPONSIBILITIES... 4 9. MONITORING AND REPORTING... 4 10. ENFORCEMENT... 5 11. EXCEPTIONS... 5 Page 2 of 5

1. OVERVIEW Bojanala Platinum District Municipality is responsible for ensuring the confidentiality, integrity, and availability of its data and that of customer data stored on its systems. Bojanala Platinum District Municipality has an obligation to provide appropriate protection against malware threats, such as viruses, Trojans, and worms which could adversely affect the security of the system or its data entrusted on the system. Effective implementation of this policy will limit the exposure and effect of common malware threats to the systems within this scope. 2. DEFINITIONS TERM DEFINITION Patch: A piece of software designed to fix problems with or update a computer program or its supporting data Trojan: A class of computer threats (malware) that appears to perform a desirable function but in fact performs undisclosed malicious functions Virus: A computer program that can copy itself and infect a computer without the permission or knowledge of the owner. Worm: A self-replicating computer program that uses a network to send copies of itself to other nodes. May cause harm by consuming bandwidth. 3. PURPOSE This document describes the requirements for maintaining up-to-date operating system security patches on all Bojanala Platinum District Municipality owned and managed workstations and servers. 4. SCOPE This policy applies to workstations or servers owned or managed by Bojanala Platinum District Municipality. This includes systems that contain organasation or customer data owned or managed by Bojanala Platinum District Municipality regardless of location. The following systems have been categorized according to management: Microsoft Windows servers are managed by BPDM system admin team. Workstations (desktops and laptops) managed by BPDM IT technician team. Page 3 of 5

5. POLICY Workstations and servers owned by Bojanala Platinum District Municipality must have up-to-date (as defined by Global Systems Office s minimum baseline standards) operating system security patches installed to protect the asset from known vulnerabilities. This includes all laptops, desktops, and servers owned and managed by Bojanala Platinum District Municipality. 6. WORKSTATIONS Desktops and laptops must have automatic updates enabled for operating system patches. This is the default configuration for all workstations built by Bojanala Platinum District Municipality. Any exception to the policy must be clearly defined and documented. The organization will have centralized Winsus mini server(s) placed at key points. These servers will download the patches during the night and upload to workstations during the day. This setup is intended at reducing network bottlenecks. 7. SERVERS Servers must comply with the minimum baseline requirements that have been approved by the Global Security Office. These minimum baseline requirements define the default operating system level, service pack, hotfix, and patch level required to ensure the security of the Bojanala Platinum District Municipality asset and the data that resides on the system. Any exception to the policy must be clearly defined and documented. 8. ROLES AND RESPONSIBILITIES BPDM System Administration Team will manage the patching needs for the Microsoft Windows servers on the network. BPDM IT Technician Team will manage the patching needs of all workstations on the network. Information Security Team is responsible for routinely assessing compliance with the patching policy and will provide guidance to all groups in issues of security and patch management. The Change Management Board is responsible for approving the monthly and emergency patch management deployment requests. 9. MONITORING AND REPORTING Active patching teams noted in the Roles and Responsibility section (5.0) are required to compile and maintain reporting metrics that summarize the outcome of each patching cycle. These reports shall be used to evaluate the current patching levels of all systems and to assess the current level of risk. These reports shall be made available to Information Security and Internal Audit upon request. Page 4 of 5

10. ENFORCEMENT Implementation and enforcement of this policy is ultimately the responsibility of all employees at Bojanala Platinum District Municipality. Information Security and Internal Audit may conduct random assessments to ensure compliance with policy without notice. Any system found in violation of this policy shall require immediate corrective action. Violations shall be noted in the Bojanala Platinum District Municipality issue tracking system and support teams shall be dispatched to remediate the issue. Repeated failures to follow policy may lead to disciplinary action. 11. EXCEPTIONS Exceptions to the patch management policy require formal documented approval from the GSO. Any servers or workstations that do not comply with policy must have an approved exception on file with the GSO. 12. POLICY REVIEW The policy will be reviewed annually. Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 SANS Institute 2006 All Rights Reserved Page 5 of 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information