You are here

CCSS Certification

The Ohio State University requires all devices connected to university network resources to be compliant with the Client Computer Security Standard (CCSS) document. The CCSS consists of four components:

  1. The device must be guarded by an up-to-date and active firewall set to protect it from unauthorized network traffic.
  2. Current operating system and application software with current security patches must be installed.
  3. The device must be protected against malicious or undesired software such as viruses, spyware, or adware.
  4. Access to the device must require appropriate authentication controls such as account identifiers and robust passwords.

There are other important aspects of the CCSS policy, so it is important to read. The following notes may be used for devices running the relevant operating system to bring it into compliance with the CCSS, provided that:

  • All of the commands execute correctly on any specific installation of the relevant operating system.
  • All of the steps in the relevant document are followed exactly.

Any deviation from these steps or changes with respect to the software installed should be discussed with a CSE staff member before a device can be certified as CCSS compliant. Any attempt to circumvent CCSS compliance will result in disconnection from the CSE network until the device in question can be brought back into compliance.

The CSE Computing Staff officially suport Windows and the Red Hat Enterprise Linux distribution.

CCSS Compliance Notes