...
Identify any devices connected to the UT network and record hardware and contact information. This includes (but isn't limited to) computers, printers, sensors, firewalls, local switches, instruments directly networked, and AV equipment.
Assess the state of computers by reviewing inventory information and discussing with PIs and / or lab staff. CNS OIT techs will ask questions that help determine the compatibility between the computer's required functions and management.
For computers already enrolled in management, they will check the status of data backups using CrashPlan and help configure backups if needed.
...
| Table of Content Zone | ||||||
|---|---|---|---|---|---|---|
| ||||||
Who does this impact?
All faculty, staff, and graduate students. Undergraduate students are also impacted if they are conducting research or working with research data.
You will be impacted if one of more of the following criteria applies to your role:
is funded by UT and / or external grants,
involved in research that is funded by UT and / or external grants,
requires you to use (including produce, share, access, store) UT data,
is instructional with direct student interaction and access to FERPA data.
Many people at UT have multiple roles and there are certain instances where your UT-related activities are outside the scope of this project. Only roles that meet the criteria described above are in scope.
One example of a person who has roles in scope and roles out of scope is a graduate student. Their “TA role” is in scope because they are interacting with students and accessing FERPA data (student information and grades). Their “research staff role” is in scope because they are conducting research and interacting with research data that is being produced as part of a project funded by an external grant and / or UT. Their “student role”, however, is not in scope— this includes their own FERPA data, homework assignments, and course materials that are related to a class in which they are enrolled.
What computers and devices are included?
Any computer that is accessing UT data or used for UT business. This includes any computer that is:
UT-owned and already managed by CNS OIT, or
UT-owned but not yet managed by CNS OIT, or
provided by the vendor for use controlling a scientific instrument, or
personally-owned
For enrollment in EPM, ONLY computers that are UT-owned are in scope.
For inventory identification, our current focus is computers, however we may also ask to gather inventory information about other network-connected devices like printers, iPads, or IoT devices such as freezers.
How will this impact me?
You will only be impacted in the ways that are listed under the FAQs “Who does this impact?” and “What computers and devices are included?” It can be helpful to ask yourself, “What roles do I have, and which is the reason for me participating in this specific activity?” to determine how you’ll be impacted.
How long does the inventory identification take?
10-25 minutes for each computer. What information we already know about the computer,
For more information about what inventory identification includes, please see the FAQ section “Inventory Identification“.
How long does enrollment take?
How can I coordinate the process with CNS OIT? Are there options to schedule an appointment?
What if CNS OIT never comes to my lab?
Endpoint Management (EPM) & Enrollment in Central EPM
| Table of Content Zone | ||||||
|---|---|---|---|---|---|---|
| ||||||
What will be different after my computer is enrolled?
admin access
logging in with EIDs
OS and applications updates (security)
screen saver lock
CNS IT will have an admin account
Remote access
What updates are done by management?
Is my computer compatible with EPM?
Apple computers:
Windows computers:
Must be compatible with Windows 11, or compatible with Windows 10 with a replacement plan identified (Windows 10 reaches End of Life in October 2025 and will not be allowed after that date).
Do you have access to my data?
Some of it. CNS OIT has the access and technical ability to access data that is stored in these ways:
On the hard drive of a managed computer: Select members of CNS OIT staff can use our administrative account to access files saved within any user profile.
CrashPlan (Code42, UTBackup): Select members of CNS OIT staff have access to the administrator console.
UT Box: Only if CNS OIT is the owner of a shared folder, or has access to a departmental Box share.
File servers: Only if CNS OIT manages it.
CNS OIT does not have access to data stored in these locations, however the administrators of these services do:
UTMail
Microsoft 365: Outlook (email and calendar), OneDrive, SharePoint, Teams
UT Box
All other UT-owned devices and services
Your data is your data, and the privacy and security of your data is a top priority. We do not access a person’s data unless requested to do so by the data owner or another authority.
Will you be monitoring or looking at my data?
No. CNS OIT does not look at nor monitor the data anyone has on their computer. The only time we intentionally touch data on a computer is if we are assisting in data recovery or if we are legally required to do so such as during a FOIA request. In these cases, CNS OIT does not open, look at, nor review any files beyond verifying the data is not corrupted.
Inventory Identification
| Table of Content Zone | ||||||
|---|---|---|---|---|---|---|
| ||||||
What information are you gathering?
What information we’re collecting | Collected for UT-owned computers? | Collected for personal computers? | Why we’re collecting it |
|---|---|---|---|
Why are you taking inventory details about my personal computer?
Why do you need to know how I use my computer?
These are 3 main reasons:
We configure management to minimize disruptions and avoid negative impacts to productivity while adhering to security requirements. The default management configurations are designed based on the average habits and needs of our users, but we evaluate every situation individually.
Troubleshooting is streamlined and a more targeted approach can be taken. We look for patterns based on how a computer is used, and deviations from those patterns help us identify the underlying problem.
UT is required by state law to identify what classification and types of data are stored on or accessed by a device. Knowing how a device is used helps answer this question.
For personal computers, knowing how you use your personal computer for UT business will help us in identifying options as we collaborate with CNS leadership to address the use of personal devices for UT business.
How are you gathering information?
By getting information from the device itself, and by talking to the device owner or users.
For personal devices:
CNS OIT technicians may navigate through device settings and use Command Prompt or Terminal to gather specific pieces of information. No changes to settings or configurations is made during this process.
If you do not want CNS OIT technicians to touch your personal computer, please let them know. Our technicians will then inform you what information they need and guide you through finding that information.
For UT-owned devices:
When gathering inventory details from the device itself, CNS OIT technicians will use scripts written by our Mac, Windows, and Linux Systems Administrators that return specific pieces of information. These scripts automate the steps our technicians would otherwise perform manually and individually through a combination of navigating through the device settings and using commands in Command Prompt or Terminal. The only configuration change made would be enabling a routine setting that allows scripts to be run if it is not already enabled. The script itself does not make any configuration changes.
You may also see the technicians submit the information provided by the script through a Microsoft Form. This Form is configured to securely submit the data to a database that only CNS OIT staff are able to access. This allows our technicians to record the information more quickly and
Who has access to the information?
Only staff in positions of special trust with controlled access will be able to access information.
For UT-owned devices, this means CNS OIT staff and authorized UT IT staff including the Information Security Office and systems administrators for the EPM tools.
For personal devices, only CNS OIT staff will have access to all of the information you provide to us. If a personal device has connected to the UT wired network, authorized UT IT staff including the Information Security Office will be able to see only specific pieces of information about the computer’s hardware that make it identifiable on the network.
CNS OIT shares, at specific intervals, aggregate data with CNS leadership. If any information about specific devices, groups, or individuals (such as department, needs, and use-cases) is anonymized before being shared.
Use of Personal Computers and Personal Devices for Research and UT Business
| Table of Content Zone | ||||||
|---|---|---|---|---|---|---|
| ||||||
What should I do if I'm currently using a personal device for UT work?
Anyone who uses a personal computer or who has students or assistants who use personal computers should fill out this form so the college can determine the scale and users' needs.
Full-time staff should submit a ticket at https://help.cns.utexas.edu/ requesting a work computer. Tenure-Track faculty should provide funds to address the purchase. Professional track faculty qualify for a university laptop through the Dean’s Instructional Laptop Program.
Will I be required to enroll my personal computer in EPM?
NO. CNS OIT will not enroll and is not permitted to enroll personal devices in central EPM.
Is there a plan to provide UT laptops to researchers that are currently relying on their own personal equipment?
Not right now. We are still working on identifying options based on the needs identified and in collaboration with CNS leadership.
What about undergraduate researchers working in the lab? What if I have a large number of students involved in research throughout the academic year?
We don't have a solution identified yet, but this is a need we are aware of and planning for.