TTUHSC IT Policies
1.4.18 SERVER HARDENING
A server cannot be connected to the TTUHSC network until it is in a TTUHSC I.T. approved
secure state. Prior to connecting the server to the network, the following must be
Before connecting to the network
- Install I.T. approved anti-virus software, and
Immediately after connection to the network, the following must be completed:
- Apply the latest vendor supplied patches, which have been tested for compatibility
with the production environment.
Note: For more detailed information and procedures based on specific operating system,
please refer to Guidelines For Operating Systems Security at http://www.ttuhsc.edu/it/admin/policy/ossecurity.aspx.
All servers are required to be submitted to a vulnerability assessment performed by
TTUHSC Information Technology Security group (ITS) prior to use.
In the event that a vulnerability or a combination of vulnerabilities are discovered
that constitute an unacceptable level of risk as deemed by TTUHSC ITS, the server
administrator is responsible for ensuring they are addressed. Any such risk must be
addressed prior to production use. Further scanning may be required.
TTUHSC ITS will monitor security issues, both internal and external to TTUHSC, and
will monitor the release of security patches on behalf of TTUHSC. After the server
administrator is notified by the ITS, patches must be implemented within a specified
timeframe determined by the security level of the patch, or the risk level of the
vulnerability. ITS will routinely monitor to ensure the system(s) are in compliance.
Failure to comply with these guidelines can result in the server(s) being removed
from the network.
TTUHSC I.T. will perform due diligence in testing security patches before release