The fleet management team ensures customer computers and printers are configured and maintained to meet ISO requirements including regular patches, malware protection, backup, and security.
Computer Management
Provisioning / Imaging
- LAITS configures Supported Computer Models with standard software, functionality and security settings as part of our computer deployment process
- Maintains a portfolio of standard software for recommended computer models
- Installs the latest supported Operating Systems (OS)
- Devices must be purchased through Campus Computer Store
- Apple devices must be enrolled in Apple School Manager to facilitate patch management
Minimum Security Standards
The Information Security Office (ISO) requires computers to adhere to minimum security standards. LAITS implements these standards by requiring certain installed software and configuration on end user computers. Exceptions to these policies will be considered depending on business case.
All LAITS-supported computers shall have the following software installed/configured:
- Vulnerability Management Agent
- Nessus
- Endpoint Management Agent
- Windows Computers: Enrollment in Microsoft Endpoint Configuration Manager (MECM)
- MacOS Computers: Enrollment in JAMF
- Antivirus Agent
- Windows Computers: Microsoft Defender for Endpoint (MDE)
- MacOS Computers:
- Microsoft Defender for Endpoint (MDE)
- Cisco Secure Endpoint (aka CiscoAMP) – for computers that are not supported by MDE
- Backup Agent
- LAITS strongly recommends the usage of UTBackup/Code42 for the backup of user data on end user computers. End users may opt-out of the usage of this software if they confirm/certify they have an alternative backup method in place.
- Remote Support Agent
- Beyond Trust
Endpoint Management Enrollment
- All supported computers are required to be enrolled in the University endpoint management systems to ensure compliance with Information Security Office (ISO) requirements
Operating System Requirements
- Operating System (OS) of supported computers must be within the two most recent vendor supported versions
- All systems will have OS updates enabled through Endpoint Management
Software Applications
LAITS does:
- Provide standard macOS and Windows software applications as well as customer-specific software applications through MacOS Self Service and Windows Software Center
- Install Beyond Trust as a standard tool to provide remote support to end users on most computers
- Package specialized software applications upon customer request
- Use central tools to regularly update Windows software applications and MacOS software applications
LAITS does not:
- Provide support for software that is not vendor-supported
- Provide support or patching of virtual machines (Parallels, VirtualBox, VMWare, Hyper-V)
OS and Application Patching
- Enrolled computers are maintained to meet ISO requirements including receiving regular patching, malware protection, backup, and security
- Security updates will be provided based on the campus Endpoint Management policies for MacOS and Windows computers
- Critical security updates may be applied outside of the regular patch schedule
- LAITS works with customers to remediate any ISO quarantines on vulnerable systems, and will assist with evaluating and requesting exceptions as required for business purposes
Malware/Antivirus Protection
- Malware and Antivirus protection is installed on all computers to scan, detect, and remove viruses and malware
- Antivirus applications are automatically updated wit
Resource Accounts, Distribution Groups, Calendars and Cloud Storage
LAITS does:
- Provide support to set up and manage resource accounts, shared calendars and departmental mailboxes
- Create Cloud Storage shares in UT Box and Sharepoint/Teams/OneDrive for administrative and research purposes
LAITS does not:
- Manage individual membership in departmental shared Cloud Storage (UT Box, Sharepoint/Teams/One Drive)
Printer Management
LAITS does:
- Maintain a list of Recommended Printer Models that are supported and certified to work with UT networks and supported computers
- Create and configure printer and print queues adhering to UT standard security settings
- Install and configures departmental network printers and Multifunction Printers (MFPs)
- Install and configure desktop (single-user) USB connected printers
- Troubleshoot printing issues
- Configure color printing, if provided with the appropriate code
LAITS does not:
- Support WIFI enabled printers
- Troubleshoot printing issues from mobile devices
- Perform printer maintenance or repairs including replacing toner, replacing paper, installing maintenance kits, or fixing paper jams
- Engage / escalate to vendors
- Run printer usage / accounting reports
- Maintain printer address books
- Issue or escrow color printing codes
Change Log
2023-10-19 | Software Applications section – added exclusion of support/patching for virtual machines |
Last Updated: 2023-10-19