Security Patch Policy

Effective Date: January 31, 2008

Last Reviewed: June 30, 2015

Review by: July 1, 2016

Policy Statement

This standard identifies the need to apply vendor-issued critical security updates and patches regularly to protect College data and systems. It applies to all electronic devices connected to the College network including computers, network switches and routers, personal digital assistant devices, laptop computers, etc. 

Purpose

Almost all operating systems and many software programs have periodic security patches released by the vendor that need to be applied. If critical patches and updates are not applied on a regular basis, computers on the College network risk being vulnerable to various worms, viruses, Trojans, and direct hacker attacks. The result can be loss of data, denial of service for other users, or attacks directed at other Internet users from the compromised machine.

You can view the full policy to the right or by clicking here.