Minimize system functionality
Applications are useful tools for managing many documents and processes, both personal and professional. But each app presents a new security risk if it is not properly maintained. An excess of apps on a device means more potential entry points that a cyber attacker can exploit. Even if every app on a system is necessary in some way, using any of them inappropriately can still present security risks.
Faculty and staff should avoid installing unnecessary applications or enabling unnecessary functions on IT devices. Faculty and staff who work with sensitive University information must adhere to specific requirements for the IT devices used for those tasks. This requirement can be automated through the University's computer management service.
- Configure sensitive, critical, or mission critical devices with only the minimum necessary software and settings for its required functions.
Follow these guidelines to restrict applications on critical or mission critical systems.
- Install only the software or applications necessary to fulfill the device's required functions.
- Use the device for only its required functions. For example, do not use sensitive or critical systems to browse the internet or play music.
- Do not install peer-to-peer applications on any system containing sensitive or sensitive information.