IE11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Departments Will Need to Fulfill All New SIMM Requirements

All departments will be required to fill system holes, even if their platforms already satisfy some of the requirements.

The Department of Technology's Office of Information Security released an Endpoint Protection Standard on Tuesday for workstations and personal computers, servers, IoT devices and mobile devices.

"State entities must ensure that they abide by this standard and have all required capabilities," the Statewide Information Management Manual 5355-A reads. 

All departments will be required to fill in the holes of their systems, even if their platforms do some of what the requirement outlines.

The release was addressed to all chief information officers, information security officers and agency information officers. The standard requires minimum endpoint protection as outlined in SIMM 5355-A. The SIMM includes prescriptions for:

  • Detection and protection capabilities
  • Investigative support capabilities
  • Containment capabilities
  • Remediation capabilities
Detection capabilities include more than just manual scanning, signature and signature-less techniques, artificial-intelligence-based detection and updated operating systems. Investigative supports will scan, hunt integrated event collection and record events.


Kayla Nick-Kearney was a staff writer for Techwire from March 2017 through January 2019.