Workstation Configuration Standard
Purpose
To outline required configuration settings for university-supported workstations.
Scope
This standard covers all workstations, whether laptops or desktops, that are supported by the university. This includes all workstations purchased with university funds, regardless of which funds are used.
Standard
Supported operating system
All workstations must use an operating system that is currently supported with security patches from the organization that provides the operating system.
Automated operating system patching
All workstations must be configured to automatically install operating system patches within 30 days of release.
Centrally managed by Information Technology Services (ITS)
All workstations must be connected to a workstation management system operated by ITS. The workstation management systems currently used by the university are listed in the appendix.
Endpoint Detection and Response (EDR) software
All workstations must be configured to run the EDR software provided by the university. The EDR software configuration settings that allow the EDR software to automatically update must not be disabled. The EDR software currently used by the university is listed in the appendix.
Disk encryption
All workstations must run university-provided encryption software. This ensures that the decryption key is centrally stored and can be recovered in case of emergency. The disk encryption software currently used by the university is listed in the appendix.
Exceptions
All exceptions to this standard require written approval from the Chief Information Security Officer. All exceptions require annual renewal.
Appendix
Workstation management systems
Windows workstations are currently managed via both Microsoft System Center Configuration Manager (SCCM) and Microsoft Intune. Mac workstations are currently managed through Jamf Pro.
Endpoint Detection and Response (EDR) software
All workstations must use Microsoft Defender 365, and it must be configured to communicate with the university’s Microsoft Defender service.
Encryption software
Windows workstations must use Microsoft BitLocker and be configured to store the decryption key in Microsoft Intune. Mac workstations must use FileVault and be configured to store the decryption key in Jamf Pro.
Revision History
August 2024 – Standard adopted