You are here

Security Patching

See the Security Patching Standard in the University's Information Security policy for specific requirements that you must follow.

Standard and Process

Vendors (or the open source community) periodically publish a security patch for their operating system or application program. A security patch fixes a security vulnerability. Install security patches when made available.

Older versions of applications increase the risk of the software not having current security patches developed. Installation of newer versions of the operating system or application program may be needed.

IT staff are responsible for working with users, data owners and service directors to develop security patch plans for University resources.

Users, data owners and service directors need to work with IT staff to understand and follow the security patch plan. This may include connecting the computer to the University network to download patches and restarting the computer to apply the security patches.

More Information

Document Owner: University Information Security

Document Approvers: Brian Dahlin, Chief Information Security Officer; Patton Fast, University Enterprise Architect

Effective Date: August 2010

Last Reviewed Date: November 2014