Baseline configuration management is in place to establish a secure and stable baseline configuration for IT systems, applications, and networks. The baseline is used as a reference point for making changes and updates to the system and serves as a benchmark for assessing security and compliance.

The organization has incorporated configuration change control refers to manage and track changes made to the configuration of an information system or software application. It involves evaluating, approving, implementing, and documenting any modifications to the configuration, such as changes to hardware, software, network settings, or system parameters. The goal of Configuration Change Control is to ensure that all changes are properly authorized, tested, and documented, minimizing the risk of introducing errors, vulnerabilities, or disruptions to the system.

Malware protection measures are taken to prevent, detect, and remove malicious software, such as viruses, spyware, and ransomware, from infecting computer systems and networks. These measures include advanced malware protection software and user education and awareness training.

Mobile Device Management (MDM) is in place to secure and manage mobile devices (e.g., smartphones, tablets, laptops) used within the organization. MDM is used to enforce security policies, configuration and device monitoring to protect sensitive data.

Software must be vetted and approved by Security personnel prior to usage or installation. All employees are trained on Company Policies regarding the installation of software. Software on endpoints is monitored via MDM technology for compliance with this policy. On production systems, the ability to add software components is limited to Sr. Engineers.