This FAQ is intended to contain plain language and can be shared with staff, faculty, administrators, researchers and contactors as needed.
Cyber threats continue to rise across higher education, and universities have become frequent targets of ransomware and data theft. 91亚色 must meet legal, contractual, and research security obligations while protecting faculty, staff, administrators, researchers, contractors and research data. Using Jamf (for macOS), Intune (for Windows), and Microsoft Defender provides a consistent, modern security foundation across all University owned computers.
The principles of this Procedure are not new; however, this is a new Procedure intended to strengthen the security of University-owned computing devices, data, personal/private information, and to support our faculty, staff, administrators, researchers and contractors in managing and mitigating against cyber-security risks.聽聽
No. Device management protects systems and data, not the content or direction of academic work.
- IT cannot see or access your teaching materials, research data, emails, or documents.
- IT cannot track your browsing history or keystrokes.
- No monitoring of activity or research processes occurs.
These platforms secure the computer, not your work.
Only technical details required to keep your device secure, such as:
- Operating system version;聽
- Installed applications;聽
- Device health and security status; and聽
- Hardware model, serial number, and encryption state.聽
IT cannot see:
- Research files;聽
- Personal documents;聽
- Email content;聽
- Web browsing history;聽
- Photos, contacts, messages, calendar entries; and聽
- Passwords or personal communications.聽
91亚色鈥檚 system controls are reviewed internally to ensure privacy protections.聽
Most employees will notice very little difference.
Your device will:
- Update automatically;聽
- Install critical patches;聽
- Have up-to-date antivirus protection; and聽
- Remain compliant without needing IT visits.聽
If you have local administrator rights today, you will likely keep them (limited managed configuration) unless you work with high-risk data which includes any data that is confidential, regulated, financial or personal in nature. Please refer to the Information Security Classification System for more detailed information.鈥犅
No. Modern device management tools run in the background and are designed for minimal impact. Most users will not notice any change.
These security protections are now required due to:
- Increasing cyber threats targeting universities;聽
- Privacy and security obligations under the Ontario鈥檚 Freedom of Information and Protection of Privacy Act (FIPPA) legislation;聽
- Research security requirements from Tri-Agency* and industry sponsors;聽
- Insurance and risk management requirements; and聽
- Board direction to modernize cybersecurity practices.聽
Exceptions will only be granted where technical incompatibility exists鈥攁nd only after IT review.
*Canadian Institutes of Health Research (CIHR), Natural Sciences and Engineering Research Council of Canada (NSERC) and Social Sciences and Humanities Research Council of Canada (SSHRC).听听听
Most users will continue to receive local admin rights under the 鈥渓imited managed鈥 model unless:
- Required software poses significant risk;聽
- The device handles high risk institutional data;聽or
- The Faculty IT unit identifies elevated security needs.聽
Where admin rights are required for research tools, they will be preserved.
Faculty IT and UIT will work with you to ensure compatibility.
If your equipment or workflow cannot function under standard device management, the University will assess an exception pathway that balances flexibility with security requirements.
Most non鈥慶ompliance happens due to routine issues such as:
- Missed updates;聽
- Device being offline for long periods; and聽
- Old operating systems.聽
IT will contact you, help restore the device to compliance, and ensure minimal disruption. Users who fail to bring their device into compliance within one week of notification will have access to certain University services temporarily restricted until compliance is achieved.聽
Intentional removal of security protections (e.g., disabling encryption or removing the device from management) will result in restricted access to university systems until resolved.
Only with your explicit, real-time consent.
Remote support sessions:聽
- Must be initiated by you or approved by you;聽
- Cannot occur without your knowledge; and
- Are used only for troubleshooting.聽
Faculty, staff, researchers, administrators and contractors benefit from:聽
- Increased protection of intellectual property and research data;
- Reduced ransomware exposure;聽
- Automatic patching to fix security vulnerabilities, bugs and performance issues; and
- Faster troubleshooting鈥痵o you can focus on your work.聽
These protections support your teaching, research, and professional activities.
- askit@yorku.ca for general support
- Faculty IT units for research specific concerns
- UIT Information Security for privacy or compliance questions