(D104) Workstation Security
- Conditions for Use: Users may use only the IP address assigned by the Information Technology department or its designee.
- Users may not modify their assigned IP address or change/mask their MAC address to disguise their personal identity or the identity of their computer.
- Unless authorized by the Information Technology department, in accordance with paragraph 4 below, users may not configure their workstations to allow remote access for either authenticated or anonymous users.
- Access Control: All workstations shall be physically secured from unauthorized access.
- Passwords or identifying credentials shall be sufficiently complex to reduce vulnerability and to provide for secure log-ons. Users shall not post or share their personal passwords or credentials.
- Users shall not use automatic log-ons or facilitate any log-on procedure that will circumvent the authentication process. Unattended workstations shall be powered off or secured in such a way as to protect the computer and network from unauthorized access.
- Workstation Maintenance: Users shall be responsible for:
- Installing protection against malicious software (e.g. virus, spyware, adware, Trojan horse programs) on the workstation prior to connecting to the University network,
- Maintaining such software and signature files to ensure that the workstation remains protected from infection, and
- Ensuring that all operating system and application patches are applied.
- Before disposing of a workstation users shall remove all data, including all software, from the machine. Data removal must be done in such a manner that it cannot be recovered.
Users may contact the Information Technology department’s Help Desk for instructions or assistance.
- Workstation Remote Access: To be authorized for remote access, a workstation must be:
- Securely configured to allow access to only the workstation owner.
- Patched and updated so that there are no vulnerabilities. After review and if appropriate, the Information Technology department may authorize remote access.
Policy adopted from StonyBrook.edu as of March 1, 2017