Topics Map > Endpoint Management > Benefits

What is Endpoint Management?

Campus Services provides endpoint computing services enabling the Rice community to engage in their daily work.

Contents


Service Category: Endpoint Computing

Services 1

Service Description

Network Access

Wired, WiFi, VPN access

Provisioning of access to networks, ensuring security and appropriate authentication.

End-Point Management and Support for Desktops, Mobile Devices, etc.

Support for all types of end-point devices and associated operating and application software.

Printing

Copy, scan, fax, and printing services, including applications for managing these services, such as print quota systems.

Software Distribution

Distribution of software and licenses via media, online methods, and license servers.

Endpoint Management has a number of benefits, including:

  • Improved device and data security for individuals and the University
  • Enhanced user experience 
  • Improved efficiency and quality of IT support
  • Improved ability for end users to find information, register and resolve issues, and remotely request IT services
  • Improved overall security and resiliency of the Rice University network
  • Automated updates of operating systems and applications

What will I experience with Endpoint Management tools installed?

You will receive periodic notifications related to system or application updates as they become available. You will be given time to accept upgrades/updates before they are applied to your machine.

Does the Endpoint Management service maintain the confidentiality and privacy of the Rice community? 

Endpoint Management tools do not collect any personal data (email, calendar events, contacts, personal files, etc.) from your device(s).


Endpoint Management Tools  

Mac (Jamf)

Jamf Pro is a comprehensive management system for Apple macOS computers and iOS devices such as iPads. With Jamf Pro, Rice OIT staff can proactively manage Rice owned Apple devices. This can include configuring Macs upon arrival direct from Apple through auto-enrollment, deploying and maintaining software, responding to security threats, and distributing security and other settings. More info about Jamf Pro may be found in the Rice University KB.

Mac OS X Operating System Upgrades (major releases)  

Apple typically releases a major Operating System upgrade once per year in the fall timeframe. macOS Monterey (12.0) was released on October 25, 2021 and is currently undergoing testing with Rice standard software to ensure compatibility. Major Operating System upgrades are made available to Jamf managed devices after a period of OIT review to ensure compatibility. Where possible, OIT will follow this release cycle yearly.  

PLEASE NOTE that macOS Big Sur (MacOS 11) and later does NOT provide support for 32-bit software.

Mac OS X Software Patches / Updates (minor releases)  

Apple releases software updates throughout the lifecycle of the Mac Operating System. These software updates are applied to Jamf managed devices after a period of OIT review to ensure compatibility.  

Endpoint (PC and Mac) Automated Security Patching Schedule: https://kb.rice.edu/internal/page.php?id=114669 (log in required)

Please note systems that are not patched may be subject to removal from the Rice University network.

PC (SCCM)  

System Center Configuration Manager (SCCM) provides the ability to centrally manage the deployment and security of Windows PCs. SCCM includes management of the Operating System, software and application deployment, and automates patching for existing devices. Note that Windows systems will need to be connected directly to the Rice Network or connected with VPN in order to receive regular updates.  

Windows Operating System Upgrades (major releases)  

Microsoft typically releases a major Operating System upgrade once per year in the fall and a feature release in the spring timeframe. Windows 20H2 was released in October of 2020. After OIT testing of Rice standard software to ensure compatibility, this Windows Operating System was deployed in January of 2021. Where possible, OIT will follow this release cycle yearly.  

Windows Operating System Monthly Software Patches / Updates (minor releases)  

All Rice SCCM managed Windows systems are patched on a monthly basis. For a period of time after the patches are delivered, the customer will be prompted to apply the updates and restart the computer at a time of their choosing. To ensure adherence to Rice University policies and to maintain the security and integrity of computer systems on the Rice network, these updates will be automatically installed and the computer restarted at a specified time each month.

Endpoint (PC and Mac) Automated Security Patching Schedule: https://kb.rice.edu/internal/page.php?id=114669 (log in required)

Please note systems that are not patched may be subject to removal from the Rice University network.


Computer Support Eligibility  

A Rice managed computer is a device that is Rice-owned and is utilizing OIT endpoint management tools (SCCM for PCs and Jamf for the Mac).

Computer Support Responsibilities and Expectations

Rice-Owned/Managed Computers

Rice-Owned/Self-managed Computers 

Vendor-managed Computers

Unsupported Computers/ Bring Your Own Device (BYOD)

OIT provides a full range of support for Rice University-owned computers that adhere to OIT’s recommended hardware standards and are capable of centralized endpoint management. Current supported vendors include Dell and Apple. 

Rice OIT managed device support services include:

  • Procurement advice 

  • Computer deployment and setup

  • Data encryption

  • Connecting to a printer

  • Network configuration

  • Software installation

  • Troubleshooting

  • Facilitation of hardware warranty support

  • Remote Desktop configuration

  • Security Incident management

  • Secure erasure prior to disposal 

Managed computers will be proactively patched by OIT using Rice Endpoint Management tools and monitored for security vulnerabilities. OIT will restore the computer to running order and support campus software.  

Hardware no longer under warranty may require technical assistance from a 3rd party vendor as well as incurring a cost for parts/repair.

For non-standard devices not capable of centralized management or for those who have requested and been approved by ISO and respective department to opt out of centralized management tools, the customer is responsible for software patching/maintenance, and meeting  security requirements of Rice University as well as OIT policies, standards, and procedures. 

Systems that are not patched may be subject to removal from the Rice University network. Self-managed machines may also have limited access to Rice network resources. 

Formal Rice policy currently states that all who gather, store, transmit, or have access to university data require encryption and password protection. More information is available here:
https://policy.rice.edu/808 .

OIT will provide commercially reasonable efforts support in partnership with departmental staff or the computer administrator as part of attempts to restore the computer to working order. 

Hardware no longer under warranty may require technical assistance from a 3rd party vendor as well as incurring a cost for parts/repair.

Members of the Rice community utilizing OIT services, software, and systems from outside vendors are responsible for ensuring that suppliers are held to the terms of their agreement, provide all required deliverables, and adhere to the applicable requirements of Rice University and OIT policies, standards, and procedures.

It is recommended that vendor-managed system support include: 

  • Computer deployment and setup

  • Data encryption

  • Operating System patching/maintenance

  • Recommend establishing a standard maintenance schedule to ensure vendor software is updated periodically 

  • Vulnerability remediation

  • Defined backup processes and procedures

Formal Rice policy currently states that all who gather, store, transmit, or have access to university data require encryption and password protection. More information is available here:
https://policy.rice.edu/808 .

OIT will provide commercially reasonable efforts support in partnership with the vendor as part of implementation and ongoing support. 

Hardware no longer under warranty may require technical assistance from a 3rd party vendor as well as incurring a cost for parts/repair.

It is highly recommended that the Rice customer establish a budget for future lifecycle replacement and / or upgrades. 

To initiate a project request for a vendor-managed system, please submit an online Project Request Form

Unsupported computers include any Rice-owned computers that are non-standard and are not identified as managed, self-managed, or vendor managed. Any non Rice-owned machines are considered BYOD.

These devices are not eligible for OIT support. The system user is responsible for patching, security, and maintenance. OIT will consult with the computer user or vendor but will not provide support for the computer hardware or software/OS.

Formal Rice policy currently states that all who gather, store, transmit, or have access to university data require encryption and password protection. More information is available here:
https://policy.rice.edu/808 .

Systems that are not patched may be subject to removal from the Rice University network. Unsupported machines may also have limited access to Rice network resources. 

Hardware no longer under warranty may require technical assistance from a 3rd party vendor as well as incurring a cost for parts/repair.

 

See Also:




Keywords:endpoint, management, jamf, sccm, support lifecycle, hardware, operating system endpoints   Doc ID:113792
Owner:Sarah G.Group:Rice University
Created:2021-09-20 15:06 CSTUpdated:2021-11-04 13:19 CST
Sites:Rice University
CleanURL:https://kb.rice.edu/endpoints
Feedback:  1   1