Endpoint Security Compliance 3 – Campaign Phases (481)


Campaign Phases

Please note the many of these details are specific to IT professionals and those that self-administer their machines. 

Phase 1

By August 31 – Complete

  • Disable Auto-Run and Auto-Play
    Active Directory Group Policy will be configured to disable auto-run or auto-play technology. Auto-run and auto-play enable devices to automatically launch programs from external drives or media that are connected.
    IT Staff – View the GPO that will Disable Auto-Run >

By September 15 – Complete

By September 30 – Complete

  • Transition from FireEye to Cortex XDR
    Transition from FireEye anti-malware software to Cortex XDR Installation of endpoint management tools on Institute-owned devices for all departments with local IT support.

Phase 1 Completion

100%

Phase 2

Compliance by December 31, 2021

Full Endpoint Compliance

  • Installation of endpoint management tools on all Institute-owned devices (workstations, laptops, and servers), including those in departments without local IT support.
  • Idle screen lock
  • Patch management
  • Host based firewalls
  • Log management
  • Eula/Banner

Inventory

  • Complete inventory of Institute-owned devices due (Departments will be able to upload inventory data into a SnipeIT reporting instance)

Knowledge Article – SnipeIT: Syncing Assets to the Roll up Instance>
Knowledge Article – SnipeIT Inventory Rollup Process
>
Knowledge Article – SnipeIT – Rollup Attribute Requirement Details
>

Each department is expected to upload their inventory data according to the reporting schedule below. The intent of having an incremental reporting schedule is to ensure consistent progress is made by each unit before the inventory deadline of December 31, 2021. A report will be generated at the end of each reporting period and communicated to Georgia Tech Leadership to report overall inventory progress. Please note that December 31, 2021 is the deadline for Georgia Tech to have completed its first centralized asset endpoint inventory based on the USG Endpoint Audit findings and proposed Management Response.

Reporting Schedule

• Period 1: 9/3 – 9/17
• Period 2: 9/17 – 10/1
• Period 3: 10/1 – 10/15
• Period 4: 10/15 – 10/29
• Period 5: 10/29 – 11/19
• Period 6: 11/19 – 12/1

VPN Solution Transition

Phase 2 also includes the complete transition from the Cisco AnyConnect VPN to the GlobalProtect VPN solution. While many students, faculty, and staff already use the GlobalProtect client and web-based solution, this phase ensures that all AnyConnect users completely transition to GlobalProtect. The transition dates vary based on your role at Georgia Tech and are shared below:

  • OIT System Administrators: 9/28/21
  • CSRs/IT Community: 11/2/21
  • Faculty/Staff/Employees: 12/21/21
  • Students/All Others: 5/10/22

Phase 2 Completion

5%

Phase 3

By July 31, 2022

  • Network-based enforcement and controlled admission will be implemented for Institute-owned devices. This restricts access to Georgia Tech’s network to Institute-owned endpoints with approved endpoint management and protection solutions installed.
  • Mechanisms will also be developed to control admission of BYOD devices accessing the GT network and application.
  • Device encryption
  • Administrative privileges
  • CASB
  • Sunsetting non-0365 mail servers

Phase 3 Completion

0%

Leave a Reply

Your email address will not be published.