The university has policies that govern how data should be stored, accessed, or transmitted on university technology securely and that state our responsibility to protect it. The Data Classification policy defines the classifications of institutional data (i.e., the categories of data that the University is responsible for safeguarding) and the associated measures that are necessary to safeguard each classification. The Data Roles and Responsibilities policy defines the responsibilities of individuals within the organization in protecting the University of Connecticut’s data assets.
ITS meets the above obligations for devices we fully support using Intune for Windows and Jamf for Macs. These are both comprehensive device management platforms that ensure workstations have up-to-date security (e.g., encryption, patching, and updated software) and can be supported remotely. Enrollment includes Microsoft Endpoint Detection and Response (EDR), which allows ITS to better prevent, respond, and contain attacks targeting UConn. It also enables ITS to mitigate data exposure and vastly reduces the institutional response required if a device is lost, stolen, or otherwise compromised.
Not all university-owned devices are enrolled in a management platform. This places the responsibility for compliance on the device user. They must maintain their devices appropriately and remain vigilant about data security. While it is possible for them to manually satisfy all obligations, it is not easy for them to do this completely and consistently. Even if they are compliant, they do not have advantages provided by active security solutions that detect threats, protect and contain attacks early, and aid mitigation efforts.
Ultimately, enrollment in a managed workstation program enhances data security individually and for the University. ITS will be approaching areas that currently have no management tools or use less capable legacy tools. We will be actively facilitating broader adoption of Intune and Jamf.