Endpoint Exception Request Process Moved to MyDevices

Great news — the endpoint compliance exception process is now streamlined in the MyDevices application. This new request form uses existing device data already in MyDevices, reducing the amount of information you need to enter. Additionally, once your request is submitted, you can easily track its status within the application.

More about endpoint exceptions

Endpoint security exceptions are allowed when adherence to Stanford’s Minimum Security Standards is not possible for technical reasons. Exceptions are reviewed on a case-by-case basis. They are not granted based on device ownership, concerns about system performance impact, or unlikely access to High Risk Data. 

Here are some examples of exception requests that are typically approved.

• A physically anchored desktop computer dedicated to directly controlling scientific research equipment that cannot be upgraded due to specialized software that is unavailable on an operating system that supports encryption.
• A computer running an operating system (OS) that has been sunsetted (i.e., Mac OS 10.14) and cannot be upgraded due to specialized software. (Note: It may be necessary to provide written justification from the vendor stating that the software specifically requires this OS version. These devices should still have SWDE/VLRE installed.)
• A classroom or kiosk computer that is re-imaged daily, physically secured, and does not copy email or other files in bulk locally.

Learn more

For detailed steps on how to submit an endpoint exception, visit Request a Compliance Exception. 

Get help

If you have questions about the Endpoint Exception Request process, please submit a Help request.