Many polices are based on a custom parameter that defines the criteria for exceptions. The following list defines the available policies and the associate parameter.
| Name | Description | Type | Parameter | ||
|
Applications |
|||||
| Application Category Search | Ensures no applications are installed from a particular category. | Text | Category contains text. Ex: bloatware | ||
| Application Publisher Search | Ensures no applications are installed from a particular publisher. | Text | Publisher contains text. Ex: activision | ||
| Application Search | Ensures no applications are installed matching a particular name. | Text | Application contains text: Ex: itunes | ||
| Cloud Storage Search | Ensures no applications are installed that are flagged as Cloud Storage. | Cloud storage is a checkbox defined when editing applications. | |||
|
Domain |
|||||
| Domain Expiration | Checks for upcoming domain expirations. | Num | Number of days until expiration. Ex: 30 | ||
|
Endpoints |
|||||
| Antivirus - Installed | Provides an important layer of protection for workstations. | ||||
| Antivirus - Third Party | Adds an additional set of threat intelligence analysis. | ||||
| Antivirus - Vendor | Ensures approved antivirus is installed. | Text | Vendor name contains text. Ex: webroot | ||
| Current OS Version | Checks workstation OS against valid list. Multiple versions are separated with a comma ','. | Text | Version contains text: Ex: windows 10 | ||
| Encrypted Hard Drive | Prevents unauthorized access to data even if the hard drive is removed. | ||||
| Free Space Available | Ensures adequate space is available on hard drives. | Num | Free space percentage. Ex: 10 | ||
| Old Technology | Looks for workstations based on technology in excess of months specified. | Num | Number of months since processor release. Ex: 36 | ||
| OneDrive Desktop Mapping | Checks desktop folder is mapped to OneDrive. | ||||
| OneDrive Documents Mapping | Checks documents folder is mapped to OneDrive. | ||||
| OneDrive Pictures Mapping | Checks pictures folder is mapped to OneDrive. | ||||
| Password Required | Checks for enabled user accounts not requiring a password. | ||||
| Personal OneDrive | Checks for active personal OneDrive account. | ||||
| Recent OS Updates | Ensures the latest protections from threats. | ||||
| Screensaver Enabled | Ensures that workstations are secured with a screensaver for privacy. | ||||
| Slow Performance | Looks for workstations that perform below 80% of current average PassMark(R) score. (i5-8350U) | Num | Passmark score of an average workstation. Ex: 8161 | ||
| Software Installed | Ensures that the specified application is installed on all workstations. | Text | Application name contains text: Ex: skype for business | ||
| Software Not Installed | Checks workstations to ensure specified application is not installed | Text | Application name contains text: Ex: spotify | ||
| Version Not Installed | Checks workstations for a particular software and version based on parameter. Name and version are separated with a comma ','. | Text | Application name and version contains text: Ex: office 365 pro,16.0 | ||
| Warranty Coverage | If available, checks to see if workstation is under warranty coverage. Unknown is compliant. | ||||
|
Office 365 |
|||||
| Strong Authentication | Checks Office 365 users to make sure strong authentication is enabled for users. | ||||
|
Servers |
|||||
| Antivirus - Installed | Provides an important layer of protection for servers. | ||||
| Antivirus - Third Party | Adds an additional set of threat intelligence analysis. | ||||
| Antivirus - Vendor | Ensures approved antivirus is installed. | Text | Antivirus provider name contains text. Ex: webroot | ||
| Current OS Version | Checks server OS against valid list. Multiple versions are separated with a comma ','. | Text | Version contains text: Ex: server 2012,server 2016 | ||
| Encrypted Hard Drive | Prevents unauthorized access to data even if the hard drive is removed. | ||||
| Free Space Available | Ensures adequate space is available on hard drives. | Num | Free space percentage. Ex: 10 | ||
| Old Technology | Looks for servers based on technology in excess of months specified. | Num | Number of months since processor release. Ex: 48 | ||
| Password Required | Checks for enabled user accounts not requiring a password. | ||||
| Personal OneDrive | Checks for active personal OneDrive account. | ||||
| Recent OS Updates | Ensures the latest protections from threats. | ||||
| Screensaver Enabled | Ensures that servers are secured with a screensaver for privacy. | ||||
| Slow Performance | Looks for servers that perform below 80% of current average PassMark(R) score. (Xeon E3-1270 v6) | Num | Passmark score of an average workstation. Ex: 11115 | ||
| Software Installed | Ensures that the specified application is installed on all servers. | Text | Application name contains text. Ex: microsoft sql server | ||
| Software Not Installed | Checks servers to ensure specified application is not installed. | Text | Application name contains text. Ex: spotify | ||
| Version Not Installed | Checks servers for a particular software and version based on parameter. Name and version are separated with a comma ','. | Text | Application name and version contains text: Ex: office 365 pro,16.0 | ||
| Warranty Coverage | If available, checks to see if server is under warranty coverage. Unknown is compliant. | ||||
Comments
0 comments
Please sign in to leave a comment.