University of Minnesota IT Ecosystem

University IT is distributed, but integrated, driving efficiencies through collaboration and alignment of goals. Central services are widely-used and available across the University system, while collegiate and distributed administrative business unit IT services are designed to meet local needs.

Device Management Maturity Project

The goal of the Device Management Maturity project is to align central and local IT units to create a manageable environment that complies with University Information Security policies.

Why is Device Management Important?

Devices that are not updated with software upgrades and security patches expose the University and its community to theft, disruption, and damage. We have identified the following areas of risk:

  • Data: Exposure or theft of sensitive data, such as HIPAA and intellectual property
  • Money: Theft of employee paychecks, or student financial aid
  • Reputation: Damage to the University of Minnesota’s reputation
  • Exposure: Infected machines spreading malware to other devices 

There was a 150% increase in average UMN security incidents per month between 2017 and 2019. 

Project Goals

Expand all

Identify unmanaged University-owned devices

To align central and local IT units with the goal of creating a manageable and compliant environment, we first need to gain a deeper understanding of the unmanaged devices that are currently out there. 

Enroll new devices in the University's central device management.

Develop standards and processes

To develop standards and processes, the project team will:

  1. Perform a gap analysis against University policy.
  2. Document existing controls and processes.
  3. Create new controls and processes.

Communicate requirements

This project will work to communicate requirements, including but not limited to:

  • Device Lifecycles
  • Security level settings. Note: University Policy has changed.
    • All University owned devices are high or medium level, without exception.
    • Low level devices are personal devices only.
  • Roles and Responsibilities

Monitor compliance

This project will monitor compliance with University Information Security policies.

Action Steps for Units

Expand all

Find unmanaged devices and enroll them in central services

Remove stale objects

Remove stale objects within:

  • Active Directory
  • Jamf Pro
  • SCCM