Windows Operating System and Anti-Virus Update Policy

Agnes Scott College is committed to ensuring a secure computing environment and recognizes the need to prevent and manage information technology (IT) vulnerabilities.  A compromised computer threatens the integrity of the network and all computers connected to it.  Proactive operating system patch and vulnerability management reduces or eliminates potential exploitation and involves less time and effort than reactively responding after an exploitation has occurred.

The purpose of this policy is to ensure all college-owned devices are proactively managed and patched with appropriate updates 

All college network servers will be maintained with the latest security patches to their operating systems and key applications as follows:

  • High/critical patches are applied within 30 calendar days.
  • Medium/high severity or those for non-critical systems must be applied within 90 days
  • Low priority patches will be installed on a case-by-case basis

All college owned desktop or mobile computers will be maintained with the latest security patches to their operating systems as follows:

  • Systems will be remotely updated via Microsoft’s Windows Sever Update Services (WSUS)
  • Updates to campus desktop and laptop computers will be scheduled for Tuesday, 11:00 p.m. to 3:00 a.m.
    • A notification pop-up will be displayed to allow the update to be delayed if the machine is in use.
    • Updates may require a system reboot
    • If you are traveling with your laptop or at home, these updates will apply themselves automatically when you return to campus.
Anti-Virus software and virus definition updates are remotely updated when released by our anti-virus software vendor.

Path and Filename: W:\Compsvcs\Policy-Procedure\Security\windows-os-av-update.doc
Policy Clarification or Modification:  Direct to the Associate Vice President for Technology
Approved:  N/A
Revised Date: August 2018