Secure Computing Project

OverviewComputer StandardServer StandardContactFAQ

Project overview

The CU Boulder campus is adopting baseline security standards for university-owned computers and servers that will be implemented over time. In order to better ensure the integrity of the shared information technology environment on our campus, these standards will help address the following challenges:

  • Increase the security of university computing assets including data.
  • Reduce risk to university intellectual property. ​
  • Drive enterprise effectiveness and reduce risk of software audits.
  • Provide support to a broad set of employees.
  • Maintain employee flexibility in their technology to conduct their teaching, research, and creative work.

As of July 19, Dell and Apple computers ordered through the CU Marketplace will arrive preconfigured to meet the Secure Computing Standard. Learn more about the purchase and enrollment process for these computers on the Secure Computing for Faculty and Staff page. Support information designed for IT professionals is on the Secure Computing - Information for IT Professionals page.

Why does CU Boulder need computer and server standards?

  • The complexity, speed and number of cyber threats are increasing and colleges and universities are being targeted by aggressive cyber attacks.
  • We need to better support hybrid teaching, learning and work in a secure manner.
  • A security disparity exists between those whose devices are managed by campus IT professionals and those that are not.
  • We must advance campus technology in a manner that keeps a CU Boulder education affordable and attainable for a robust and diverse student body.

These changes are among a number of significant changes CU Boulder is making to create a hybrid-smart IT environment for CU Boulder. Learn more about these changes on the OIT Major Projects & Service Direction page. 

Computer standard

To ensure the integrity of the shared information technology environment, all university-owned computers will need to meet these computer standard requirements. Click the button below to review the full Computer standard policy. 

Secure Computing Standard for Computers

Server standard

A university server is considered any physical, virtual, or cloud-based device that manages network resources and is owned by the university or connected to a university-owned network. To ensure consistent application of protections and adherence to the CU baseline security requirements, campus servers will need to meet the requirements outlined on CU Boulder's policy page. 

Secure Computing Standard for Servers

How will this affect me?

Learn more about how this project will better protect computers and servers that you use or support:

Faculty and Staff
  • This software will better protect data stored on your computer and in the cloud by providing vulnerability scanning, protection against unauthorized access to files on your computer, automatically deployed software and operating system updates, and antivirus and malware protection.
  • Starting in 2023, departments will be provided with the capability to order new Dell and Apple computers through Marketplace that will be fully compliant with the security standards.
  • In 2023, departments will be provided with the capability to bring pre-existing computers up-to-date to meet the standards. 
Research Institutes' Faculty and Staff
  • Both computer and server standards will apply to Research Institutes. The timeframe for adoption and compliance will begin in 2023 using a phased approach.
  • All servers on a campus network that are used by a CU-governed campus organization must be aligned with the standards for servers.
IT Support Professionals
  • Starting in 2023, departments will be provided with the capability to order new Dell and Apple computers through Marketplace that will be fully compliant with the security standards.
  • In 2023, departments will be provided with the capability to bring pre-existing computers up to date to meet the standards.
  • Support teams (Department IT Practitioners, Buff Techs, etc.) will be provided with support documentation and tools to help bring their customer bases up to the defined standards. 
Server Administrators
  • All servers on a campus network that are used by a CU-governed campus organization must be aligned with the standard for servers.
  • By July 29, 2022, all Windows based servers must have Microsoft Defender configured to report status.
Marketplace purchasers
  • Starting in 2023, computers purchased through the CU Marketplace will include software that allows for the device to meet baseline security standards for university-owned computers.
Student Organizations
  • All Windows based servers on a campus network that are used by a CU-governed campus organization must be aligned with the standard for servers. This includes servers that are used by CU Boulder student organizations.
  • By July 29, 2022, all Windows based servers must have Microsoft Defender configured to report status.

Contact Us

If you have project-related questions, send an email to oitfeedback@colorado.edu with Secure Computing Project in the subject line.

General FAQ

How were the Standards determined?

The Secure Computing Standards build on and simplify the implementation of security safeguards outlined in APS 6001 and APS 6005, as well as the NIST 800-53-based Systemwide Baseline Security Standards and Highly Confidential & Highly Critical System Information Security Standard

What is the timing of the implementation? Standards, New computers, existing computers, & servers.
  • Standards: Communication about the standards began in June 2022 after several rounds of technical and leadership reviews. Standards are currently posted and will be implemented over time.
  • New computers: New Dell and Mac computer purchases through Marketplace will be available beginning in 2023 and will arrive configured to meet the standards. 
  • Existing computers: OIT is working to define the upgrade paths for existing computers to the standard. All computers will be expected to meet the standard within a reasonable computer refresh lifecycle. When a final date is decided, OIT will communicate it campuswide. In the meantime, if a computer needs the operating system to be rebuilt, you should follow the instructions to enroll computers in Secure Computing during the rebuild.
  • Servers: All University-owned servers are to at a minimum have MS Defender with the CU-specific configuration; ensuring the server’s data be sent to CU Boulder’s Azure tenant and made available in Security Center.  Solutions for Linux servers is still being investigated. 
  • University-owned tablets and phones are an important piece of our technology infrastructure and frequently handle sensitive information. These devices will have standards defined, but not in this current scope and timeframe. 
What is OIT’s role in Secure Computing standards for computers and servers?  

As designated in APS 6005, the CIO is designated by the Chancellor with oversight authority for all campus IT operations and may enforce the requirements of University and campus policies for information security. For the Secure Computing project, OIT is providing and supporting solutions that will make it easier to comply with the new Standards in collaboration with the campus community. Finally, OIT may shut down IT operations that are out of compliance with this and other IT policy. 

Server Standards FAQ

Do the standards apply to Linux servers and workstations?

Yes, the standards apply to Linux machines. The project team is still investigating the best solution for endpoint detection and response software.

Within the Server standard there is mention of other approved software equivalents, where is the list of software? 

Exceptions will be granted on a case-by-case basis for other approved software equivalents. At this time, we do not plan to publish the list of exceptions as one of the primary goals of this project is reducing complexity and redundancy across campus.