Operating Systems
Are the operating systems we use updated with the appropriate
security "patches"?
Keeping personal computer and server operating system software
up to date is a critical step in establishing a secure computing
environment. As the SANS Institute noted in its initial list
of "top 20 security vulnerabilities":
A few software vulnerabilities account for the majority of
successful attacks because attackers are opportunistic –
taking the easiest and most convenient route. They exploit
the best-known flaws with the most effective and widely available
attack tools. They count on organizations not fixing the problems,
and they often attack indiscriminately, by scanning the Internet
for vulnerable systems.
These questions can help you understand if the operating
systems used in your department are a source of security vulnerabilities:
- Are only FSU-supported operating systems used?
- Are we applying appropriate operating system updates and
security "patches" in a timely manner to all department
computers and servers?
- Do we periodically have our servers and desktops scanned
by FSU for security vulnerabilities?
- Have we disabled unnecessary services and features in
our desktop and server operating system configurations?
- Do we prohibit or restrict shared drives or folders on
our desktop computers?
- Have we verified that file permissions are properly set
on our servers?
An answer of "no" to any of the above questions
indicates a risk for which remedial steps should be considered.
Vulnerabilities and methods for closing them vary greatly
from one operating system to another. Advice and other information
can be found on the Helpdesk and ACNS websites. Computer users
are also encouraged to frequently visit operating system vendor
websites for current information on securing those systems.