Student Affairs Endpoint Patch Management Policy
1. Purpose
This policy outlines the requirements for keeping all Student Affairs endpoints (desktops, laptops, mobile devices) up-to-date with the latest security patches and software updates to protect the confidentiality, integrity, and availability of university information assets. Virginia Tech’s minimum security standards state that the security patches must be applied to all endpoints within 30 days of the publish date to be compliant with the university security policy.2. Importance of Patching
Security patches fix vulnerabilities that could allow attackers to compromise your device and access sensitive data. Unpatched systems put you and the university at risk of data breaches, malware infections, and system instability.3. Managed Devices (Kaseya, BigFix, Jamf)
Most Student Affairs devices are centrally managed, and software updates, including security patches, are deployed automatically using Kaseya, BigFix, or Jamf, depending on the device type.Even with these management tools, your cooperation is vital:
- Keep Devices Powered on and Connected: Whenever possible, leave your devices powered on and connected to the network, especially after work hours. This ensures they receive and install updates promptly.
- Regularly Connect Unused Devices: Ensure that devices not used daily are connected to the network at least once a month for 24 to 48 hours to receive updates.
4. Non-Compliance Notification
As a courtesy, users will receive a notification (via email or system message) 7 days prior to reaching the 30-day non-compliance mark. This notification will inform users of their non-compliance and require them to bring their device to the IT Service Desk at 333 Squires student center for immediate patching.5. Non-Compliance and Device Isolation
To maintain a strong security posture, Student Affairs adheres to the university's patch policy. Devices that remain unpatched for more than 30 days from the release date of security updates will be temporarily isolated from the network until the necessary updates are applied.6. User Responsibilities and Best Practices
- Be Aware of Update Notifications: Pay attention to notifications from your device or management software (Kaseya, BigFix, Jamf) indicating that updates are available or require installation.
- Look for Signs of Trouble: Be vigilant for unusual device behavior that may indicate a need for updates, such as slow performance, frequent crashes, or unexpected error messages. Report these issues to the IT Service Desk promptly.
- Contact IT Support: If you have any questions about updates, experience problems during the update process, or require assistance, please contact the IT Service Desk at dsaitsupport@vt.edu.
By adhering to this policy and following these best practices, you play a vital role in safeguarding both your productivity and the security of university information.