What they're really talking about here, if I read between the lines of the report correctly, is a suite of software programs from the vendor (dominion), installed by the customer OR by Dominion staff, on hardware provided by the customer (Antrim County, MI). The Customer is likely on-the-hook for providing up-to-date best-practices-compliant computing hardware. The violations listed above, in addition to the failures to update antivirus and apply windows patches, are the fault of the IT vendor/employee/additional-duty for the county. HOWEVER, a well-written installer from Dominion would fail at install if it detected invalid host config items.
What they're really talking about here, if I read between the lines of the report correctly, is a suite of software programs from the vendor (dominion), installed by the customer OR by Dominion staff, on hardware provided by the customer (Antrim County, MI). The Customer is likely on-the-hook for providing up-to-date best-practices-compliant computing hardware. The violations listed above, in addition to the failures to update antivirus and apply windows patches, are the fault of the IT vendor/employee/additional-duty for the county. HOWEVER, a well-written installer from Dominion would fail at install if it detected invalid host config items.
anyone certifying results from this mess is liable for treason