I. OBJECTIVE & PURPOSE
The purpose of this policy is to maintain a secure network environment for the University and to prevent the spread of malware and other security incidents. Software updates are a vital mechanism in keeping computers that connect to the University of North Florida (UNF) network secure. Computers that do not receive software updates in a timely manner are vulnerable to attack. Exploitation of vulnerabilities within unpatched software can lead to infection and uncontrolled spread of malware resulting in the compromise of sensitive information, as well as the risk of network resources becoming unavailable to UNF students, faculty and staff.
The University has systems which automatically download and install updates for UNF computers. Software updates often require rebooting the computer after installation to complete the install process. UNF's Information Technology Services (ITS) seeks to reduce the aforementioned risks by automatically rebooting the computers after software updates have been installed. This action ensures that software updates are completed in a timely fashion.
II. STATEMENT OF POLICY
UNF computers and other technical resources are used to advance the mission of the University and must be properly protected. This policy applies to all computers owned by UNF and maintained by ITS. This policy supports the University's Policy, Network Acceptable Use: https://www.unf.edu/president/policies_regulations/06-AdminFinance/6_0050P.aspx . This policy is also in accordance with the National Institute of Standards and Technology's (NIST) Special Publication 800-53(Rev. 4), SI-2(5): Flaw Remediation | Automatic Software / Firmware Updates
Software Updates: Normal and Emergency
Normally, UNF computers receive updates and will be automatically rebooted during the scheduled maintenance window: Sunday from 5 a.m. - 9 a.m.
There may be instances when emergency software updates and reboots are required outside of the scheduled maintenance window. These updates are considered critical and time sensitive. Campus communication will be sent out with details of the emergency updates and next steps.
Limited Deferment Requests
Deferral of scheduled reboots can be requested for systems performing specialized tasks which may be adversely affected by an automatic reboot; examples include data collection and analysis or other long-running processes. This is classified as a "limited deferment".
To request a limited deferment, please contact ITS and provide the computer name (preferable) or the UNF asset tag, a clear explanation of why the computer should not be automatically rebooted, and a reasonable estimate of how long this machine will be performing this function. Deferrals are time-limited and are subject to renewal each semester. Deferred computers are still required to apply patches and reboot when critical patches or other urgent situations arise as determined by IT Security.
Approved by Executive Staff February 2018.