Yes, it is a requirement for all units. The U of T Information Security and the Protection of Digital Assets Policy and Information Security Standard requires that all institutional devices need to be secure to better protect our people, data and systems.