Walmart Endpoint Security Policy

1. Purpose

The purpose of this Endpoint Security Policy is to define and enforce security measures that ensure the confidentiality, integrity, and availability of Walmart’s IT systems, data, and digital assets. This policy outlines guidelines and practices for securing endpoints (such as workstations, laptops, mobile devices, and servers) within the organization’s network infrastructure.

2. Scope

This policy applies to all employees, contractors, third-party vendors, and any individuals or entities with authorized access to Walmart’s digital environment, systems, and data. It covers all hardware and software systems within the corporate network and those connected to it through remote access.

3. Definitions

  •  Endpoints: Devices that connect to the Walmart network or its systems, including laptops, desktops, smartphones, tablets, servers, and IoT devices.
  •  Endpoint Protection: Security solutions (such as antivirus, firewalls, device encryption, etc.) implemented to safeguard endpoints from cyber threats.
  • BYOD (Bring Your Own Device): Employee-owned devices allowed to connect to Walmart’s corporate network for work purposes.4. Endpoint Security Requirements
  •  Device Configuration and Hardening: All endpoints must be configured to meet Walmart’s minimum security standards, which include:
    • Operating systems (OS) must be up-to-date with the latest security patches installed.
    •  Applications and software must be updated regularly to reduce vulnerabilities.
    •  Unnecessary services and ports must be disabled or blocked.
    •  Device configurations must be secured by passwords or biometric authentication.
  •  Endpoint Protection Software:
    •  Walmart will deploy endpoint protection software on all corporate-owned andBYOD devices, which includes anti-malware, antivirus, and anti-ransomwaresoftware.
    •  Endpoint protection must have automatic updates enabled and real-timescanning capabilities.
  •  Encryption:

All endpoints storing sensitive or confidential data must be encrypted using industry-standard encryption protocols.

Encryption should apply to both data at rest (stored data) and data in transit (data being transmitted across networks).

  •  Access Control and Authentication:
    •  All endpoints must require strong, multi-factor authentication (MFA) for access.
    •  User accounts must have unique logins and passwords, and password policiesmust enforce strength requirements (e.g., minimum length, complexity).
    •  Role-based access controls (RBAC) will limit access to systems and data basedon the employee’s role and job responsibilities.
  •  Device Tracking and Monitoring:
    •  Endpoint activity will be logged and monitored in real-time to detect suspicious activity and potential breaches.
    •  Automated alerts will be triggered for unauthorized access attempts, malware detection, or unusual activity patterns.
    •  Remote wipe capabilities must be enabled on all endpoints, especially for mobile devices or laptops used by employees, to protect data in case of loss or theft.5. Remote Access and BYOD
  •  Remote Access:
    •  Walmart will provide secure VPN connections for employees working remotely oraccessing the network from external locations.
    •  Remote access will require multi-factor authentication (MFA) and be restricted toauthorized users based on business needs.
  •  BYOD Policy:
    •  Personal devices used for work purposes must comply with Walmart’s security requirements, including installing endpoint protection software and encryption.
    •  Employees must register their personal devices with the IT department beforeconnecting them to Walmart’s network.
    •  Walmart reserves the right to access, monitor, or remove any data from personaldevices connected to the corporate network in the event of a security breach or investigation.6. Security Awareness and Training
  •  Training: All employees and contractors must complete cybersecurity training on how to secure their endpoints, recognize phishing attempts, and respond to security incidents.
  •  Phishing Protection: Employees should be educated on the risks of phishing, spear-phishing, and social engineering attacks and how to avoid them.
  •  Incident Reporting: Employees must immediately report any security incidents, including suspicious device behavior, potential malware infections, or device theft or loss.7. Incident Response

In the event of an endpoint security breach, Walmart will follow its Incident Response Plan (IRP), which includes:

  •  Isolation of affected devices to contain the spread of malware or unauthorized access.
  •  Forensic investigation to determine the scope and source of the breach.
  •  Remediation steps to remove threats, restore systems, and reinforce securitymeasures.
  •  Notification to affected individuals, regulators, and stakeholders as required bylaw.8. Compliance

Walmart will ensure compliance with relevant regulatory requirements and industry standards related to endpoint security, including:

  •  General Data Protection Regulation (GDPR)
  •  California Consumer Privacy Act (CCPA)
  •  Payment Card Industry Data Security Standard (PCI DSS)
  •  Health Insurance Portability and Accountability Act (HIPAA)9. Enforcement
  •  Non-compliance with this Endpoint Security Policy may result in disciplinary action, up to and including termination of employment or contracts.
  •  Walmart reserves the right to audit endpoints, systems, and networks for compliance with this policy.10. Review and UpdateThis policy will be reviewed annually or as needed to ensure it remains relevant and aligned with evolving security threats, compliance requirements, and technological advancements.11. ConclusionWalmart is committed to maintaining the security and privacy of its systems and data. By adhering to the guidelines set forth in this Endpoint Security Policy, employees and contractors can contribute to the overall protection of Walmart’s digital infrastructure, reducing the risk of security incidents and ensuring business continuity.