Nt1330 Lab 1.2.3

440 Words2 Pages
Sub-Section 3.3.02.05 Monitoring Use of Information Technology Systems New Statement UnitedHealth Group owned workstations will continuously be monitored for unauthorized applications. Any unauthorized or unapproved application will be alerted to the Computer Incident Response Team for immediate remediation. Explanation • Appsense will audit all UHG owned workstations and virtual machines for any applications being run for the first time. Reports will be made available and sent to teams that continuously audit endpoint applications. Description New sub-section 5.1.0.2.01 – Application Services Future Statement Unknown services run within UnitedHealth Group workstations will be evaluated using the Information Risk Management risk…show more content…
New or unknown workstation applications require a risk review and to meet the minimum UnitedHealth Group acceptable risk. Explanation • Some endpoint applications will not have a thorough risk review and may be approved without comprehensive verification. • Modify? Subsection 5.1.06.01 –Restricted Use of System Audit Tools Current Statement Unauthorized usage of network diagnostic, monitoring and system audit tools may cause security exposures or system availability issues if not utilized in a controlled, scheduled manner. Possession, distribution or use of network or system diagnostic, monitoring and system audit tools is limited to designated and authorized employees or contractors in accordance with their job responsibilities, per 09.2.01 Non-Essential Services. Approval can only be granted by the Information Risk Management Organization. This includes anything which can replicate the functions of such tools. Unauthorized possession, use or distribution of such tools is prohibited Question • Can help desk approve temporary desktop applications? Would they do a risk review? • Temporary

More about Nt1330 Lab 1.2.3

Open Document