Topics Map > •Endpoint Management > -Benefits

What is Endpoint Management?

Campus Services provides endpoint computing services enabling the Rice community to engage in their daily work.

Contents


Service Category: Endpoint Computing

Services 1

Service Description

Network Access

Wired, WiFi, VPN access

Provisioning of access to networks, ensuring security and appropriate authentication.

End-Point Management and Support for Desktops, Mobile Devices, etc.

Support for all types of end-point devices and associated operating and application software.

Printing

Copy, scan, fax, and printing services, including applications for managing these services, such as print quota systems.

Software Distribution

Distribution of software and licenses via media, online methods, and license servers.

Endpoint Management has a number of benefits, including:

  • Improved device and data security for individuals and the University
  • Enhanced user experience 
  • Improved efficiency and quality of IT support
  • Improved ability for end users to find information, register and resolve issues, and remotely request IT services
  • Improved overall security and resiliency of the Rice University network
  • Automated updates of operating systems and applications

What will I experience with Endpoint Management tools installed?

You will receive periodic notifications related to system or application updates as they become available. You will be given time to accept upgrades/updates before they are applied to your machine.

Does the Endpoint Management service maintain the confidentiality and privacy of the Rice community? 

Endpoint Management tools do not collect any personal data (email, calendar events, contacts, personal files, etc.) from your device(s).


Endpoint Management Tools  

Mac (Jamf)

Jamf Pro is a comprehensive management system for Apple macOS computers and iOS devices such as iPads. With Jamf Pro, Rice OIT staff can proactively manage Rice-owned Apple devices. This can include configuring Macs upon arrival direct from Apple through auto-enrollment, deploying and maintaining software, responding to security threats, and distributing security and other settings. More info about Jamf Pro may be found in the Rice University KB.

Mac OS X Operating System Upgrades (major releases)  

Apple typically releases a major Operating System upgrade once per year in the fall timeframe. Major Operating System upgrades are made available to Jamf managed devices after a period of OIT review to ensure compatibility. Where possible, OIT will follow this release cycle yearly.  

PLEASE NOTE that macOS Big Sur (MacOS 11) and later does NOT provide support for 32-bit software.

Mac OS X Software Patches / Updates (minor releases)  

Apple releases software updates throughout the lifecycle of the Mac Operating System. These software updates are advertised to Jamf managed devices after a period of OIT review to ensure compatibility.

Endpoint (PC and Mac) Automated Security Patching Schedule: https://kb.rice.edu/internal/page.php?id=114669 (log in required)

Please note systems that are not patched may be subject to removal from the Rice University network.

Mac users will be prompted to apply the updates. Details are below. 

Jamf Nudge Notification Window

 MacOS Update Screen

PC (SCCM)  

System Center Configuration Manager (SCCM) provides the ability to centrally manage the deployment and security of Windows PCs. SCCM includes management of the Operating System, software, and application deployment, and automates patching for existing devices. Note that Windows systems will need to be connected directly to the Rice Network or connected with VPN to receive regular updates.  

Windows Operating System Upgrades (major releases)  

Microsoft typically releases a major Operating System upgrade once per year in the fall and a feature release in the spring timeframe. Windows10 21H2 was released in November of 2021 and is currently OIT's active (default) release. Future Windows OS' will be released as soon as possible after OIT testing of Rice standard software to ensure compatibility. Where possible, OIT will follow this release cycle yearly.  

Windows Operating System Monthly Software Patches / Updates (minor releases)  

All Rice SCCM managed Windows systems are patched on a monthly basis. For a period of time after the patches are delivered, the customer will be prompted to apply the updates and restart the computer at a time of their choosing. To ensure adherence to Rice University policies and to maintain the security and integrity of computer systems on the Rice network, these updates will be automatically installed and the computer restarted at a specified time each month.

Endpoint (PC and Mac) Automated Security Patching Schedule: https://kb.rice.edu/internal/page.php?id=114669 (log in required)

Please note systems that are not patched may be subject to removal from the Rice University network.

PC users will be prompted to apply the updates. The taskbar will also indicate if a restart is required. Details are below. 

sccm update notification sccm update taskbar notification

Available updates will appear as pictured below. 

select updates to install

If a restart is required, the prompts will appear as pictured below. 

sccm update notification


Computer Support Eligibility  

A Rice-managed computer is a device that is Rice-owned and is utilizing OIT endpoint management tools (SCCM for PCs and Jamf for the Mac).

Computer Support Responsibilities and Expectations

Rice-Owned/Managed Computers

Rice-Owned/Self-managed Computers 

Vendor-managed Computers

Unsupported Computers/ Bring Your Own Device (BYOD)

OIT provides a full range of support for Rice University-owned computers that adhere to OIT’s recommended hardware standards and are capable of centralized endpoint management. Currently supported vendors include Dell and Apple. 

Rice OIT-managed device support services include:

  • Procurement advice 

  • Computer deployment and setup

  • Data encryption

  • Connecting to a printer

  • Network configuration

  • Software installation

  • Troubleshooting

  • Facilitation of hardware warranty support

  • Remote Desktop configuration

  • Security Incident management

  • Secure erasure prior to disposal 

Managed computers will be proactively patched by OIT using Rice Endpoint Management tools and monitored for security vulnerabilities. OIT will restore the computer to running order and support campus software.  

Hardware no longer under warranty may require technical assistance from a 3rd party vendor as well as incurring a cost for parts/repair.

For non-standard devices not capable of centralized management or if there are research or laboratory computers (PC or Mac) whose uninterrupted uptime is considered an essential function, or have technical limitations or incompatibilities, please contact the OIT Helpdesk to a request for an exclusion. 

For devices not under centralized OIT management, the customer is responsible for software patching/maintenance, and meeting  the security requirements of Rice University as well as OIT policies, standards, and procedures. 

Systems that are not patched may be subject to removal from the Rice University network. Self-managed machines may also have limited access to Rice network resources. 

Formal Rice policy currently states that all who gather, store, transmit, or have access to university data require encryption and password protection. More information is available here:
https://policy.rice.edu/808 .

OIT will provide commercially reasonable efforts support in partnership with departmental staff or the computer administrator as part of attempts to restore the computer to working order. 

Hardware no longer under warranty may require technical assistance from a 3rd party vendor as well as incurring a cost for parts/repair.

Members of the Rice community utilizing OIT services, software, and systems from outside vendors are responsible for ensuring that suppliers are held to the terms of their agreement, provide all required deliverables, and adhere to the applicable requirements of Rice University and OIT policies, standards, and procedures.

Vendor-managed system support should include at a minimum the following: 

  • Computer deployment and setup

  • Data encryption

  • Operating System patching/maintenance

  • Recommend establishing a standard maintenance schedule to ensure vendor software is updated periodically 

  • Vulnerability remediation

  • Defined backup processes and procedures

Formal Rice policy currently states that all who gather, store, transmit, or have access to university data require encryption and password protection. More information is available here:
https://policy.rice.edu/808 .

OIT will provide commercially reasonable efforts support in partnership with the vendor as part of the implementation and ongoing support. 

Hardware no longer under warranty may require technical assistance from a 3rd party vendor as well as incurring a cost for parts/repair.

It is highly recommended that the Rice customer establish a budget for future lifecycle replacement and/or upgrades. 

To initiate a project request for a vendor-managed system, please submit an online Project Request Form

Unsupported computers include any Rice-owned computers that are non-standard and are not identified as managed, self-managed, or vendor-managed. Any non-Rice-owned machines are considered BYOD.

These devices are not eligible for OIT support. The system user is responsible for patching, security, and maintenance. OIT will consult with the computer user or vendor but will not provide support for the computer hardware or software/OS.

Formal Rice policy currently states that all who gather, store, transmit, or have access to university data require encryption and password protection. More information is available here:
https://policy.rice.edu/808 .

Systems that are not patched may be subject to removal from the Rice University network. Unsupported machines may also have limited access to Rice network resources. 

Hardware no longer under warranty may require technical assistance from a 3rd party vendor as well as incurring a cost for parts/repair.

 



Keywords:
endpoint, management, jamf, sccm, support lifecycle, hardware, operating system endpoints 
Doc ID:
113792
Owned by:
NeedsOwner U. in Rice U
Created:
2021-09-20
Updated:
2024-10-23
Sites:
Rice University