Differences

This shows you the differences between two versions of the page.

--- wiki:policies:end_user_device [2022/01/11 19:52]
kholub
+++ wiki:policies:end_user_device [2024/01/25 23:39] (current)
katcow
@@ Line 16: / Line 16: @@
 ===== III. End-User Device Policy =====
-We require end-user devices to be protected by the security procedures describe:
+We require end-user devices to be protected by the security procedures described:
   * Access to the device is protected with a password, PIN, or suitable biometric alternative.
@@ Line 25: / Line 25: @@
   * Software or apps should not be installed unless the user explicitly trusts the source and knows a legal license exists.
   * Employees must comply with software vendor license agreements and copyright holders’ notices. Making unauthorized copies of licensed and copyrighted software, even for evaluation purposes, is strictly forbidden.
+  * Employees are discouraged from storing client materials on their local machines; instead, files that are not in the production environment should be stored in an encrypted cloud folder.
-===== V. Anti-Malware Policy =====
+==== Software Review ====
-We require Nested Knowledge employees and contractors to run antivirus software on the computers at specified periods. We require employees and contractors to use Malwarebytes to scan and detect malware and randsomware. Positive findings must be reported to the CTO.
+Nested Knowledge reviews the applications installed on employee devices on a quarterly basis using our Mobile Device Management solution.
+===== IV. Anti-Malware Policy =====
+We require Nested Knowledge employees to run antivirus software on the company-issued computers. Software includes macOS built-in [[https://support.apple.com/guide/security/protecting-against-malware-sec469d47bd8/web|anti-malware technologies]] and Mosyle's [[https://school.mosyle.com/solutions/macos/detection|Detection & Removal technology. ]]We require contractors to use Malwarebytes to scan and detect malware and ransomware. Positive findings must be reported to the CTO. Antivirus software installs must be updated (either by updating ruleset or fresh reinstalling) whenever scans are performed.
 === Schedule ===
-The schedule for scanning is subject to change, but it will not fall below the minimum of twice annually. The schedule will be revised based on the level of threats and size of the company.
+The schedule for scanning is subject to change, but it will not fall below the minimum of twice annually. Currently, Nested Knowledge employee devices use macOS malware defense as well as Mosyle's anti-virus tools. macOS's built in technology [[https://support.apple.com/guide/security/protecting-against-malware-sec469d47bd8/web|XProtect]] updates signatures automatically when new malware infections and strains are detected.
 === Reporting ===
@@ Line 51: / Line 56: @@
 ^Author^Date of Revision/Review^Comments|
-|K. Cowie|12/15/2021|Draft Completed|
+|K. Cowie|01/25/2024|Added application review|
 |K. Holub|12/15/2021|Policy approved|
-|K. Kallmes| |Policy approved|
+|K. Kallmes|12/18/2021|Policy approved|
+|P. Olaniran|10/25/2022|Minor revisions|
+[[:wiki:policies|Return to Policies]]

Nested Knowledge

User Tools

Site Tools

Differences

Page Tools