ISO Position Paper
Position Title: Software & Operating Systems
Position Audience: Princeton University Community
Contact: Information Security Office: [email protected]
Position Release Date: August 1, 2019
Last update: October 2, 2023
Software and operating systems (OS) have a life cycle. Vendors will release security updates throughout the supported period and eventually end their support for software or an OS version. Once support ends, additional security updates are no longer provided rendering the software or OS insecure. This applies to all software and operating systems. The most common operation systems are Microsoft Windows, Apple Mac OS, the various versions of Linux, Apple iOS, and Google Android.
Computers and mobile devices connecting to the University network must utilize vendor-supported software and operating systems and must have all relevant security updates applied within 30 days of release. Computers and mobile devices running an obsolete, out-of-support, or unpatched software or operating system cannot be used for University work. They should not be placed on the University network, nor should they be allowed to connect via the University’s VPN service. These devices put the University’s information security at significant risk.
Data classification: Public