2025/02/25 - Important - Leave your computer on and internet connected

It is critical and mandatory to leave all UMB owned/Work purchased computers (Mac and Windows) powered on and connected to the internet for a minimum of 24 consecutive hours for security/patching each week. Please understand that device vulnerabilities are a concern at the highest levels of the school and campus due to increasing threats.  It is everyone’s responsibility to ensure all university-owned computers, including laptops and work-from-home devices remain compliant. 

Devices not connected and falling out of compliance will have network access disabled.

2024/10/09 - IMPORTANT- Inactive Computer Remediation Procedures

Colleagues,

Due to increasing cyber security threats and attacks, the campus has mandated the attached UMB Vulnerability and Patch Management Policy. It is everyone’s responsibility to ensure all university-owned computers, including laptops and work-from-home devices remain compliant with this policy.  Computers that go long periods of time without connecting to the Internet and our management tools are at greater risk because they are not getting regular security updates.  Therefore, the SOM Information Security Office, along with your departmental IT groups, will be implementing new enforcement actions regarding inactive computers to ensure compliance.  

It is the expectation of everyone that has been provided a university-owned computer, including laptops and work-from-home devices, that the computer remains powered on and connected to the Internet for a minimum of 24 consecutive hours each week.   This connection time allows the computer to receive critical security updates. 

Beginning October 14, 2024, computers not adhering to the above expectation will be identified and a progressive remediation effort will be initiated.   These remediation steps are outlined below:

• Step 1 – If a computer has not been observed as online in the last 14 consecutive days, the identified user of the computer will be contacted via email with a reminder to connect the device to the Internet for a minimum of 24 consecutive hours.
• Step 2 - If a computer has not been observed as online in the last 21 consecutive days, the identified user will be notified via email with a reminder to connect the computer to the Internet for a minimum of 24 consecutive hours and that the computer will have network access disabled if not connected within 7 days.
• Step 3 – If a computer has not been observed as online in the last 28 consecutive days, the computer will have network access disabled and a notification via email will be sent to the identified user requesting that they coordinate a time with their departmental IT support group to re-activate network connectivity and ensure security updates are installed.
• Step 4 - If a computer has not been observed as online in the last 60 consecutive days, the identified user of the device will be notified that they are required to return the device to their departmental IT support group.

Please understand that device vulnerabilities are a concern at the highest levels of the school and campus due to increasing threats. 

Thank you for your cooperation in keeping our systems secure. If you have any questions, please reach out to the SOM Information Security Office at iso-alert@som.umaryland.edu

Archived Headlines

To view archived headlines, click here.