Compliance Requirements

All machines on campus are required to meet a basic set of security requirements, defined in the Endpoint Protection Standard (EPS), and it is the responsibility of the administrator of the endpoint to comply with these requirements. The CLS community strives to make it simple and easy to meet all the basic security requirements for basic systems, and most of the controls required by the EPS are available in the community Puppet code available to CLS tenants.

Note that the basic community Puppet code and provisioning environment are not certified for additional security requirements such as NIST 800-171 or PCI-DSS. Machines which must comply with these kind of additional security requirements must NOT use the community resources, and instead should use specific infrastructure with additional security constraints.