April 2, 2024
Vulnerabilities are discovered frequently in software and they put your computer, data and the enterprise at risk. In order to stay secure and compliant with Mass General Brigham policies, make sure that you are running a current, supported Operating System (OS) and that your software applications are up to date. See below the table for a list of policies.
Devices connecting to the Mass General Brigham network will be checked for compliance with security requirements by the Network Access Control (NAC) tool. According to policy, all non-compliant, compromised or infected devices will be removed from the network. See below to read more about NAC at Mass General Brigham.
OS/Device |
Minimum Supported Version |
Self Service Instructions |
Support / Contact |
| Windows Computer | Digital Service Desk
|
||
| Standard * |
Win10 21H2 or above, Win 11 21H2 or above |
No action (these are managed by Digital) | |
| Non-standard | KB0031028 | ||
| Personal | KB0031028 | ||
| Macintosh Computer | macOS 12 or above | KB0037831 | |
| iOS or iPadOS | iOS or iPad OS 14 or above | KB0014183 | |
| Android | 10 or above | KB0033128 | |
| Windows Server | |||
| Hosted in the data center | 2012 R2 or above | No action (these are managed by Digital) | |
| Not hosted in the data center | Contact the Digital Service Desk to determine next steps. | ||
| Linux Server | |||
| Hosted in the data center | CentOS 7 or above | No action (these are managed by Digital) | |
| Not hosted in the data center | Contact the Digital Service Desk to determine next steps. | ||
Policies
EISP 1.2: Enterprise Information Security Policy
EISS-12a.4: Enterprise IT Acquisition, SDLC and Maintenance Standards: General Use IT Systems
More about NAC
Mass General Brigham (MGB) is committed to providing a consistent computing experience across all devices used at work to assure productive, stable and secure computers (Windows PCs, Apple Macs, smartphones and tablets). Network Access Control (NAC) is a component of the overall effort with a focus on strengthening the security of our environment.
Network Access Control (NAC) checks devices connecting to the Mass General Brigham computer network for compliance with specific security policies. The current agent used at Mass General Brigham is ForeScout SecureConnector.
ForeScout SecureConnector is installed on most Mass General Brigham standard Windows workstations and some PEAS-enrolled Macs. Mobile devices, such as phones or tablets, and Linux * computers are exempt at this time.
The attached list of Operating Systems (OS) are no longer supported by Mass General Brigham and therefore, not supported by ForeScout SecureConnector.
* HOWTO: Determine whether you are using a standard or non-standard computer