Resources
Use Compensating Controls for Windows 2008 End of Life
Identify
- Already accomplished and tracked via Trello.
- OIT Microsoft Platform Team (MPT) and project team tracks migration plan with regular check-ins with unit.
Protect
- Unit maintains device segmentation.
- Device must be behind a default deny firewall or proxy.
- Authorized access is limited to only needed accounts.
- Unit communicates security awareness to users (possibly with acknowledgement form).
- In the event a system becomes highly vulnerable to an unpatchable security risk, the device will be disconnected from the network. An upgrade will be required regardless of exception status.
Respond
- Unit notifies University Information Security ([email protected]) and OIT of changes to use case/security level.
- Unit notifies University Information Security ([email protected]) and OIT of any changes to its retirement plan. For example, change of retirement dates and why.
- In the event a system is compromised, an upgrade will be required regardless of exception status.
More Information
University Policies
Exception to Policy
Intended Audiences
Students
Instructors
Researchers
Staff & Departments
Health Sciences Affiliates
IT Staff and Partners