Data Location: Endpoint

Secure destruction

Apr 28, 2024

—

by

campus

Destroy devices and media that are no longer needed in a way such that no information can be recovered.
Data minimization

Apr 28, 2024

—

by

campus

Limit the storage and collection of data at this risk level to that which is necessary to accomplish the legitimate purpose for which it is collected.
Unique user accounts

Apr 28, 2024

—

by

campus

Create a unique, non-privileged, account for each user. Assign a different password for user and administrative accounts.
System inventory

Apr 28, 2024

—

by

campus

Create and maintain an inventory of systems that includes device ownership, contact information, and network configuration.
Data inventory

Apr 28, 2024

—

by

campus

Create and maintain an information inventory that includes classification level, information owner, and users with access.
Multi-factor authentication Endpoints

Apr 28, 2024

—

by

campus

Utilize multi-factor authentication for remote access.
Password at startup

Apr 28, 2024

—

by

campus

Enable password protection at startup.
Default passwords

Apr 28, 2024

—

by

campus

Change default or vendor-supplied passwords and remove default accounts.
Encrypt passwords

Apr 28, 2024

—

by

campus

Store and transmit only encrypted passwords.
Compromised passwords

Apr 28, 2024

—

by

campus

Change passwords immediately if a compromise is suspected.