Information Systems
2024/10/09 - IMPORTANT- Inactive Computer Remediation Procedures
Colleagues,
Due to increasing cyber security threats and attacks, the campus has mandated the attached UMB Vulnerability and Patch Management Policy. It is everyone’s responsibility to ensure all university-owned computers, including laptops and work-from-home devices remain compliant with this policy. Computers that go long periods of time without connecting to the Internet and our management tools are at greater risk because they are not getting regular security updates. Therefore, the SOM Information Security Office, along with your departmental IT groups, will be implementing new enforcement actions regarding inactive computers to ensure compliance.
It is the expectation of everyone that has been provided a university-owned computer, including laptops and work-from-home devices, that the computer remains powered on and connected to the Internet for a minimum of 24 consecutive hours each week. This connection time allows the computer to receive critical security updates.
Beginning October 14, 2024, computers not adhering to the above expectation will be identified and a progressive remediation effort will be initiated. These remediation steps are outlined below:
- Step 1 – If a computer has not been observed as online in the last 14 consecutive days, the identified user of the computer will be contacted via email with a reminder to connect the device to the Internet for a minimum of 24 consecutive hours.
- Step 2 - If a computer has not been observed as online in the last 21 consecutive days, the identified user will be notified via email with a reminder to connect the computer to the Internet for a minimum of 24 consecutive hours and that the computer will have network access disabled if not connected within 7 days.
- Step 3 – If a computer has not been observed as online in the last 28 consecutive days, the computer will have network access disabled and a notification via email will be sent to the identified user requesting that they coordinate a time with their departmental IT support group to re-activate network connectivity and ensure security updates are installed.
- Step 4 - If a computer has not been observed as online in the last 60 consecutive days, the identified user of the device will be notified that they are required to return the device to their departmental IT support group.
Please understand that device vulnerabilities are a concern at the highest levels of the school and campus due to increasing threats.
Thank you for your cooperation in keeping our systems secure. If you have any questions, please reach out to the SOM Information Security Office at iso-alert@som.umaryland.edu
2024/09/13 - AVD (DOM Desktop) Important Update
Microsoft has released a new app to replace the “Remote Desktop” app. It is called “Windows App.” Please start using this new app at your earliest convenience. (The old app will continue to work for now.) Instructions to install the app on work and personal computers are in this link. https://www.medschool.umaryland.edu/medicine/is/remote-access/remote-access---azure-virtual-desktop-avd/
In addition, upgrades have been made to “DOM Desktop” with the goal to improve performance. If you logged in prior to ~9am today, sign out (see graphic below) and sign back in to connect to the upgraded system.
Archived Headlines
To view archived headlines, click here.