Security requirements for all single-board computers:
1. Change the default password for the Pi (equivalent) user
2. Change the default username for the Pi (equivalent) user
3. Change the Raspberry Pi (equivalent) default hostname
4. Force Sudo to require a password
5. Disable wireless card (if applicable)
6. Disable Bluetooth (if applicable)
7. Disable DNS Daemon ((avahi-daemon) Type: sudo systemctl disable avahi-daemon [Enter]))
8. Ensure no additional programs beyond the base operating system are installed – only one use case is allowed per device
9. If no Sophos ARM64 client exists, only place on own subnet with no direct access to Internet (proxy allowed) -- no outward-bound, publicly assigned, static IP address is allowed
Approved by Commission on Technology on June 9, 2022 by Motion TECH 22-07