Body
University-owned computing devices (Laptops, Desktops, Workstations, Tablets, Smartphones, etc) are categorized as minimally managed, fully managed, or high security/restricted devices.
The default configuration for the majority of university-owned computing devices is fully managed. This configuration is typical of office desktops, faculty workstations, labs, and research spaces. They are connected to the Michigan Tech central authentication system, have access to a large library of software applications and licensing, and a direct connection to campus network storage, including home directories. These systems are administered by Information Technology, and our Service Management team supports day-to-day operation and customer needs.
A smaller number of devices require some additional flexibility. Mobile devices (laptops, tablets, smartphones, etc.) or devices connected to scientific/data acquisition equipment, such as microscopes/sensors, where there may be additional administrative access required for specific hardware or software installation and maintenance, are typically in the minimally managed category. The Michigan Tech employee end-user has more of a shared responsibility for the device and is granted limited administrative ability to maintain the device. Minimally managed devices are still connected to campus authentication, management, and security systems and must remain patched and compliant with University standards and policies. Access to campus resources like network storage and printing is provided through additional controls like the VPN, PaperCut, and a reduced amount of software and licenses is available to these devices.
A small number of campus devices are designated as high security/restricted devices, which are devices typically involved in specific restricted sponsored research, financial, or military-related programs. These devices are highly restrictive, and access to these systems is highly controlled, regularly audited, and consistently monitored. The data accessed and stored, as well as physical access to these systems, may require specific security controls, clearance, citizenship, and/or approvals. The designation of a high security/restricted device and the additional policies, requirements and procedures are handled by our Security Team, Research Security and Compliance Team, Vice President for Research Office and University Legal Council.
Legacy devices not falling into one of these categories will be required to be rebuilt as they are discovered and brought into compliance with University standards and policies.
Help Me Choose
| Fully Managed |
Best for standard office work, general teaching, and researchers who want IT to handle all maintenance. |
| Minimally Managed |
Best for those with specialized hardware (microscopes/sensors), faculty who travel frequently and manage frequent software installs.
|
| High Security |
Only for those with specific grant requirements (NIST, CUI, ITAR) or sensitive data. |
Fully managed
Accounts and permissions
Log in with your Michigan Tech account. Remote access to office or private lab computers is available for faculty and staff from off-campus with the use of the VPN client. Remote screen sharing will prompt the customer for approval. Administrative access is restricted to Information Technology professionals.
Access to H: home and M: multidrive
Access the M: multidrive and H: home drive without the need to use the VPN.
Saving and backing up files
Save files and your account profile to the H: home or M: multidrive, where backups are taken on a frequent basis. This allows you to be able to restore recently saved files on the M: multidrive or H: home drive yourself.
Printing
Add Michigan Tech campus networked printers without needing to install and run the Papercut Client.
Software
Install selected Michigan Tech software through a campus software library without the need for administrative privileges and access the campus license servers without the need to use the VPN. Contact IT for additional software requests.
Updates and security
Michigan Tech IT will automatically update the operating system, firmware, and selected software during the weekly maintenance window (Thursdays, 2 a.m. to 6 a.m. EST). Please log off your device each Wednesday evening and keep it on and connected to the network.
Michigan Tech IT automatically configures security settings to apply standard workstation security, such as the system firewall, logging, encryption, screen locking, and remote management/assistance for IT staff.
Minimally managed
Accounts and permissions
- You will need to connect to the Internet before you log in for the first time. Connect to wireless on-campus or to another network.
- Log in with your Michigan Tech email address (accountname@mtu.edu).
- The device will then cache, or remember, your credentials for use in areas with low or no network connectivity.
In certain situations, administrative access is allowed for the customer to perform system management and upkeep, as long as the device maintains a regular connection with the IT device management system (Azure, JAMF, or Satellite).
Access to H: home and M: multidrive
You will need to manually configure the connection to your H: home or M: multidrive, as well as use the VPN.
Saving and backing up files
You can save your files and account profile locally on the device. However, files saved on the device are not backed up by IT. For that reason, we strongly encourage you to store important files in a network location, such as your H: home or M: multidrive, where backups are taken on a frequent basis. You can also use Google Drive for Desktop or an external hard drive.
Printing
Installing and running the Papercut Client is required to print to campus networked printers. You will need to manually install drivers and printers.
Software
You can access selected Michigan Tech software, beyond what is already included in the Campus Common CORE software, through the available campus software libraries. Contact IT for additional software requests.
- Windows: AppsAnywhere is available in the Azure Company Portal. Please visit AppsAnywhere Overview for more information.
- Mac: Tech Apps campus software library (Mac) and Software Distribution Center
- Linux: Software libraries available from the standard OS provided repositories - most software will need to be manually installed by the customer.
Updates and security
Michigan Tech IT applies basic system security and configuration settings and configures the system to perform regular operating system and security patches. When possible, local drives are encrypted. Michigan Tech IT manages the encryption keys.
Michigan Tech IT monitors compliance for updates and security through IT management systems. Minimally managed devices connected to our Azure management system are expected to periodically connect to the network and remain compliant with patching standards. Devices identified as being behind on patches will be locked from access and removed from the network until updated and in compliance. Exceptions may be made at the discretion of our security and compliance teams and require an exception request to be submitted to Michigan Tech IT.