• Verified
  • Definitions & Terms used in EPM

    Below is an alphabetized list of terms that are used frequently during the effort and in Endpoint Management. In addition to the definition, an explanation of what it looks like in CNS or the implications is provided.

    Check back often for updates

    This content is still under development and new content is being added regularly. The date this page was last updated can be seen under the page title.

     

    Term

    Definition

    What does that mean?

    Term

    Definition

    What does that mean?

    Address, addressing a device

    Done by CNS OIT in collaboration with the owner.

    Take actions so the device is capable of performing needed functions and is compliant with security policies. This includes collecting inventory information, making configuration changes to the device, and/or making configuration changes around the device.

    Inventory identification will happen for every computer. Some details from inventory identification are used to determine compatibility of the device with EPM. Configuration changes to a computer may include enrollment in central management, adjusting administrative permissions, setting up data backups, installing OS and application updates, among other settings changes. Configuration changes around the computer may include removing it from the network, changing what network it’s connected to, or adding a hardware firewall.

    Central EPM, centralized endpoint management

    EPM that has been established for use by all of IT at UT: Jamf for macOS and Apple OSs, MECM for Windows, and Orcharhino for Linux.

    Security is improved and resources are more efficiently allocated as all IT groups at UT Austin use the same EPM platforms. Prior to the Endpoint Management (EPM) Centralization and Standardization Program, each CSU had to do this on their own.

    Data

    Any information, facts, or statistics produced for reference or analysis.

    In the context of information technology, “data” refers to raw, unprocessed facts and statistics collected for reference or analysis. It can exist in various forms, such as numbers, text, images, or sounds, and is used as the basis for computations, analyses, and decision making in IT systems.

     

    Every file on a computer is considered data. Some examples are Excel spreadsheets, PowerPoint presentations, email and Teams messages, research posters, digital lab notebooks, photos and videos, or instrument readings.

    Endpoint

    Any device capable of connecting to the internet and accessing, storing, or sharing information.

    Computers, tablets, smartphones, security cameras, and printers are all considered endpoints.

    In the context of this project, “endpoint” will most commonly be referring to a computer.

    Endpoint Management (EPM), management

    A set of tools used by IT to employ policies designed to protect access to University computers, data, and resources by securing computers and identifying the presence of specific security vulnerabilities.

    Currently, we have EPM tools for computers (macOS, Windows, and Linux) and iPads. The EPM tools we’re using are all part of central EPM.

    Enroll, enroll in management, enrollment in central management

    Done by CNS OIT in collaboration with the owner.

    Install software that connects a computer to the centralized Endpoint Management (EPM) systems, then use the EPM systems to set up policies for regular installation of updates and enable security configurations.

    See the FAQ “What will be different after my computer is enrolled?” for more details.

    Inventory identification

    Gather details about a computer that are used to identify a device, who is responsible for it, and aid in support.

    CNS OIT will gather details about the computer’s hardware from the device itself. We will talk to the owner and/or users of the device to find out information about how the device is used and by whom. See the FAQ section “Inventory Identification” for more details.

    Jamf

    The EPM tool used for managing Apple devices including macOS computers and iPads.

     

    Microsoft Endpoint Configuration Manager (MECM), ConfigMgr

    The EPM tool used for managing computers and servers running Windows operating systems.

     

    Orcharhino

    The EPM tool used for managing computers running distributions of Linux.

     

    Owner, device owner

    The individual who owns the device or who is responsible for making decisions about the device.

    For research labs, the PI is assumed to be owner for each device. The owner can delegate responsibilities (such as approving changes) at their discretion.

    Personal, personally-owned

    • Purchased using personal funds that did not originate from a UT account.

    • Is not in UT Inventory

    • Belongs to the individual.

    In the current effort, smartphones are out of scope.

    Scientific data

    As defined by the NIH’s Data Management and Sharing Policy, scientific data are defined as, “the recorded factual material commonly accepted in the scientific community as of sufficient quality to validate and replicate research findings, regardless of whether the data are used to support scholarly publications.”

    This includes:

    • Primary data, often obtained through measurement, observation, or simulation.

    • Individual data points that are commonly grouped together in datasets with a consistent and defined data structure.

    • Manuscripts that have been submitted or accepted for publication.

    As defined by the NIH, Scientific data do not include: 

    • laboratory notebooks,

    • preliminary analyses,

    • completed case report forms,

    • drafts of scientific papers,

    • plans for future research,

    • peer reviews,

    • communications with colleagues, or

    • physical objects, such as laboratory specimens.

    Used for University business

    Any device that is used to store, process, access, or share data that is owned by the University or produced during and/or for the purpose of performing University duties.

    Using a computer in these ways would make that computer used for University business:

    • Grading student work— even if done entirely through a web browser (e.g. using Grade Scope or Canvas).

    • Analyzing data, writing a paper, or creating a poster for UT-funded and/or grant-funded research.

    Any UT work or UT resources being accessed as a student does not count (e.g. submitting your own coursework via Canvas).

    UT business, University business

    Any activity that is occurring as the result of, in service of, or to further the mission of The University of Texas at Austin and / or the values and impact of the College of Natural Sciences.

    Research, undergraduate education, graduate education, and public service.

    UT data, University data

    Any data, information, or insights that are generated, collected, processed, or stored while conducting UT business.

    Any data stored on or in a UT-owned device, account, or service.

    These data are owned by the University of Texas at Austin; they are not the property of the persons creating or using the data. Thus, there is no expectation of privacy.

    Including digital files, recordings, emails, employee records, financial transactions, operational documentation such as SOPs, metadata, and all data produced as part of research— even if it does not meet the criteria for scientific data.

    A UT-owned service would be anything you sign into using your EID or any licensed software / service that is paid for with UT funds. This includes UTMail, UT Box, Qualtrics, and Microsoft 365 (e.g. Outlook, Teams, OneDrive, SharePoint).

    Your own personal information and personal data protected by HIPAA, FERPA, or another federal or state law is not considered UT data when it is in your possession.

    For example, accessing my own medical records after a visit to University Health Services is not considered accessing UT data. A member of University Health Services staff accessing my medical records after my visit is considered accessing UT data.

    UT Inventory

    Any physical item owned by the University of Texas at Austin. The items are recorded in the Financial Resource Management System (FRMS), owned by Inventory Services.

    Items with a “Property of the University of Texas” sticker (UT Tag) are all UT Inventory.

    All computers in UT Inventory are requires to have a UT Tag. CNS OIT technicians will place an orange UT Tag on untagged computers.

    UT-owned

    Purchased using UT funds, including grants. Owned by the University of Texas at Austin. In UT Inventory.

    For research labs that came to UT from another University: all devices originally purchased at a prior institution and were brought to UT are UT-owned and required to be transferred from the prior institution’s inventory to UT inventory.

    Devices picked up from surplus or acquired from the UT surplus store are also UT-owned.

     

     

    Questions about Endpoint Management in CNS?

    Submit an Endpoint Management Questions request to create a ticket with our CNS OIT EPM team.