Device Management Policy
This policy defines the management of University owned devices to ensure compliance with cyber security standards.
This policy applies to all University owned laptops, computers, tablets, and mobile devices, regardless of operating system.
3.1 All University owned devices must be registered with an endpoint management solution.
- Microsoft Intune – Windows and Android
- Jamf – MacOS and iOS
- Landscape – Ubuntu Linux
3.2 Software will be deployed through centralised systems which will allow software to be installed and maintained without needing local administrator rights. These will also enable proactive vulnerability management to ensure our cyber security risk is reduced wherever possible.
3.3 Local administrator account passwords will not be available for users.
3.4 Devices must:
- be supported by the vendor
- have operating system security updates applied in accordance with the Vulnerability Management Policy
- have anti-virus and anti-malware software always enabled and updates applied hourly
- have a software firewall configured and enabled
- have all installed software be compliant with the Software Management Policy
- be reset and wiped by Information Services before they are re-issued to another user
- be returned to Information Services for reuse or secure disposal when no longer needed
3.5 Exceptions to this policy must be approved by Information Services.
3.6 Devices which do not conform with these requirements will be treated as BYOD devices or placed onto restricted networks.
This Policy is maintained by Information Services, was last reviewed in July 2022 and is due for review in August 2023