{"id":364,"date":"2023-09-28T15:16:52","date_gmt":"2023-09-28T22:16:52","guid":{"rendered":"https:\/\/www.cdcr.ca.gov\/hcdom\/?post_type=dom&#038;p=364"},"modified":"2023-10-30T15:46:46","modified_gmt":"2023-10-30T22:46:46","slug":"5-3-11-endpoint-security","status":"publish","type":"dom","link":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-11-endpoint-security\/","title":{"rendered":"5.3.11 Endpoint Security"},"content":{"rendered":"\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Introduction and Overview<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Department information assets are often used to conduct business functions internally as well as with other State and non-department persons and devices on the Internet. Devices used for such department business purposes are comprised of servers, network devices, and end user devices including mobile computers, tablets, and smart phones; such devices are collectively called \u201cendpoints\u201d or \u201cendpoint devices.\u201d\u00a0 Some department information assets are more prone to loss or theft due to their size, mobility, or location of use.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The department needs to ensure that endpoints are suitably protected to prevent unauthorized access to data and information that may reside on the endpoints.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Objectives<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>Objectives for this policy are to define the requirements to protect department endpoints that may routinely interact with unknown or untrusted devices on the Internet, or that are more susceptible to loss or theft.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Scope and Applicability<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The scope of this policy extends to all State information assets owned and operated by the department, information assets managed by third parties on behalf of the department, and all information assets that process or store department information in support of department services and mission.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>This policy applies to Owners of Information Assets and Information Asset Custodians.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Policy Directives<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>The department shall ensure that:<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>All department endpoints are identified and endpoint asset inventories are documented and continually updated.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Risks to individual department endpoint device types and the data they access, process, and store are assessed.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The requisite endpoint protection controls, as referenced in the Statewide Information Management Manual, are implemented and maintained to mitigate risks to each endpoint.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Endpoint protection controls include people (asset users), processes, and technology controls.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Endpoint protection controls are continuously monitored.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Endpoint protection controls are reviewed at least annually.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Roles and Responsibilities<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Department Chief Information Officer (CIO) or Designee:<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Owns this policy and is responsible for ensuring that all Owners of Information Assets, Information Asset Custodians, and users of department information assets are aware of this policy and acknowledge their individual responsibilities.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Is responsible for ensuring that this policy is reviewed annually and updated accordingly.\u00a0<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Is required to audit and assess compliance with this policy at least once every 2 years.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Department Information Security Officer (ISO):<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Shall assist Owners of Information Assets and Information Asset Custodians with the identification and selection of endpoint protection controls.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Shall ensure that endpoint protection controls meet department requirements for security and privacy.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Department Owners of Information Assets and Program Management:<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>In collaboration with the Information Asset Custodians shall ensure that the endpoint protection controls are defined, documented, and implemented, and that implementation is reviewed annually.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>In collaboration with the Information Asset Custodians shall ensure the endpoint protection controls commensurate with the sensitivity or criticality of the asset are implemented for assets under their purview.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Department Information Asset Custodians:<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Shall implement the requisite endpoint protection controls based upon the sensitivity or criticality of the assets as defined by the Owners of Information Assets.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Shall maintain and update endpoint protection technologies based on best practices.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Shall maintain records of endpoint protection controls and ensure proper change management.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Enforcement<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Non-compliance with this policy may result in disciplinary or adverse action as set forth in California Department of Corrections and Rehabilitation, Department Operations Manual, Chapter 3, Article 22.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The department shall comply with the information security and privacy policies, standards, and procedures issued by the California Department of Technology (CDT), Office of Information Security (OIS). In addition to compliance with the information security and privacy policies, standards, procedures, and filing requirements issued by the OIS, the department shall ensure compliance with all security and privacy laws, regulations, rules, and standards specific to and governing the administration of their programs. Program administrators shall work with their general counsel, ISO, and Privacy Program Officer or Coordinator to identify all security and privacy requirements applicable to their programs and ensure implementation of the requisite controls.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The consequences of negligence and non-compliance with State laws and policies may include department and personal.<\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Loss of delegated authorities.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Negative audit findings.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Monetary penalties.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>Legal actions.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Auditing<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>The department has the right to audit any activities related to the use of State information assets.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p>CDT OIS and the department have the statutory right to audit department readiness to respond and recover from an incident.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Reporting<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>Violations of this policy shall be reported to the department ISO.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Security Variance Process<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>If compliance is not feasible, or if deviation from this policy is necessary to support a business function, the respective manager shall formally request a security variance as defined by the ISO.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Authority<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>This policy complies with the State of California Government Code section 11549.3.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block\">\n\t\t\t\t\t<p><strong>Revisions<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>The CIO or designee shall ensure that the contents of this article are current and accurate.<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p><strong>References<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>Statewide Information Management Manual, 5305-A, Information Security Program Management Standard<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>Statewide Information Management Manual, 5355-A, Endpoint Protection Standard<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>State Administrative Manual, Section 5355, Endpoint Defense<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>State Administrative Manual, Section 5355.1, Malicious Code Protection<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Security Assessment and Authorization, CA-7<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Configuration Management, CM-2, CM-3, CM-6, CM-7, CM-10, CM-11<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, System and Communications Protection, SC-8, SC-10, SC-11, SC-13, SC-18, SC-23, SC-24, SC-28, SC-38, SC-42, SC-43<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, System and Information Integrity, SI-2, SI-3, SI-4, SI-5, SI-7, SI-8, SI 11<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Program Management, PM-9<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Risk Assessment, RA-2, RA-3, RA-5<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>National Institute of Standards and Technology, Special Publications 800-53, Physical and Environmental Protection, PE-3, PE-19, PE-20<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>California Department of Corrections and Rehabilitation, Department Operations Manual, Chapter 3, Article 22<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>California Department of Corrections and Rehabilitation, Department Operations Manual, Chapter 4, Article 41, Section 48010.5<\/p>\n\t\t\t\t\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-bullet\">\n\t\t\t\t\t<p>California Government Code, Section 11549.3<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p><strong>Revision History<\/strong><\/p>\n\t\t\t\t\n\t<ul class=\"cdcr-dom-group-block\">\n\t\t\n\t<li class=\"cdcr-dom-item-block is-style-no-marker\">\n\t\t\t\t\t<p>Effective: 02\/2022<\/p>\n\t\t\t\t\t<\/li>\n\t\n\t<\/ul>\n\t\n\t<\/li>\n\t\n\t<\/ul>\n\t","protected":false},"parent":228,"template":"","class_list":["post-364","dom","type-dom","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>5.3.11 Endpoint Security - Health Care Department Operations Manual (HCDOM)<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"5.3.11 Endpoint Security - Health Care Department Operations Manual (HCDOM)\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-11-endpoint-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Health Care Department Operations Manual (HCDOM)\" \/>\n<meta property=\"article:modified_time\" content=\"2023-10-30T22:46:46+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/article-3-information-technology\\\/5-3-11-endpoint-security\\\/\",\"url\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/article-3-information-technology\\\/5-3-11-endpoint-security\\\/\",\"name\":\"5.3.11 Endpoint Security - Health Care Department Operations Manual (HCDOM)\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/#website\"},\"datePublished\":\"2023-09-28T22:16:52+00:00\",\"dateModified\":\"2023-10-30T22:46:46+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/article-3-information-technology\\\/5-3-11-endpoint-security\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/article-3-information-technology\\\/5-3-11-endpoint-security\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/article-3-information-technology\\\/5-3-11-endpoint-security\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"HCDOM\",\"item\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Chapter 5 &#8211; Administrative\",\"item\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Article 3 \u2013 Information Technology\",\"item\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/dom\\\/chapter-5-administrative\\\/article-3-information-technology\\\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"5.3.11 Endpoint Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/#website\",\"url\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/\",\"name\":\"Health Care Department Operations Manual\",\"description\":\"CCHCS\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/#organization\",\"name\":\"Health Care Department Operations Manual\",\"url\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/wp-content\\\/uploads\\\/sites\\\/207\\\/2023\\\/08\\\/cropped-cdcr-cchcs-logos-512.png\",\"contentUrl\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/wp-content\\\/uploads\\\/sites\\\/207\\\/2023\\\/08\\\/cropped-cdcr-cchcs-logos-512.png\",\"width\":82,\"height\":82,\"caption\":\"Health Care Department Operations Manual\"},\"image\":{\"@id\":\"https:\\\/\\\/www.cdcr.ca.gov\\\/hcdom\\\/#\\\/schema\\\/logo\\\/image\\\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"5.3.11 Endpoint Security - Health Care Department Operations Manual (HCDOM)","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"5.3.11 Endpoint Security - Health Care Department Operations Manual (HCDOM)","og_url":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-11-endpoint-security\/","og_site_name":"Health Care Department Operations Manual (HCDOM)","article_modified_time":"2023-10-30T22:46:46+00:00","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-11-endpoint-security\/","url":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-11-endpoint-security\/","name":"5.3.11 Endpoint Security - Health Care Department Operations Manual (HCDOM)","isPartOf":{"@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/#website"},"datePublished":"2023-09-28T22:16:52+00:00","dateModified":"2023-10-30T22:46:46+00:00","breadcrumb":{"@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-11-endpoint-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-11-endpoint-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/5-3-11-endpoint-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.cdcr.ca.gov\/hcdom\/"},{"@type":"ListItem","position":2,"name":"HCDOM","item":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/"},{"@type":"ListItem","position":3,"name":"Chapter 5 &#8211; Administrative","item":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/"},{"@type":"ListItem","position":4,"name":"Article 3 \u2013 Information Technology","item":"https:\/\/www.cdcr.ca.gov\/hcdom\/dom\/chapter-5-administrative\/article-3-information-technology\/"},{"@type":"ListItem","position":5,"name":"5.3.11 Endpoint Security"}]},{"@type":"WebSite","@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/#website","url":"https:\/\/www.cdcr.ca.gov\/hcdom\/","name":"Health Care Department Operations Manual","description":"CCHCS","publisher":{"@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.cdcr.ca.gov\/hcdom\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/#organization","name":"Health Care Department Operations Manual","url":"https:\/\/www.cdcr.ca.gov\/hcdom\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/#\/schema\/logo\/image\/","url":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-content\/uploads\/sites\/207\/2023\/08\/cropped-cdcr-cchcs-logos-512.png","contentUrl":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-content\/uploads\/sites\/207\/2023\/08\/cropped-cdcr-cchcs-logos-512.png","width":82,"height":82,"caption":"Health Care Department Operations Manual"},"image":{"@id":"https:\/\/www.cdcr.ca.gov\/hcdom\/#\/schema\/logo\/image\/"}}]}},"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Health Care Department Operations Manual (HCDOM)","distributor_original_site_url":"https:\/\/www.cdcr.ca.gov\/hcdom","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/dom\/364","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/dom"}],"about":[{"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/types\/dom"}],"version-history":[{"count":2,"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/dom\/364\/revisions"}],"predecessor-version":[{"id":881,"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/dom\/364\/revisions\/881"}],"up":[{"embeddable":true,"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/dom\/228"}],"wp:attachment":[{"href":"https:\/\/www.cdcr.ca.gov\/hcdom\/wp-json\/wp\/v2\/media?parent=364"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}