The University of Colorado Boulder has adopted a new set of standards to ensure that all users, computers, and data are secure and protected. This new standard will apply to all university-owned machines and data. For more information about the standards and policies, please see the Secure Computing Standard for Computers policy.
Purchasing Guide
- Buy a computer: CU Marketplace is the recommended place to acquire a computer. Faculty are eligible for an FCPP subsidy of $1,200 for a new computer every fourth year. Learn more about FCPP.
- Before setup: Prior to the computer delivery, the computer's primary user should fill out the Office 365 Apps License form (on-campus or VPN connection required). An Office 365 Apps License is necessary for computer setup. Completing this form will either notify that a license already exists for the user or a ticket will be created to assign the license (should take no more than one business day). The user may also contact the IT Service Center at oithelp@colorado.edu or 303-735–4357 to get help with the license assignment.
- Setup: During the initial setup of your computer, you will be prompted to enter your IdentiKey username and password. It is recommended that the primary person to use the computer perform the initial login. You may also be asked to confirm your identity using multi-factor authentication (MFA). Visit OIT's MFA page for more information and setup instructions.
- Going forward, you will always use your IdentiKey username and password to log in to your computer.
- If using Mac's Migration Assistant to transfer data from an old Apple computer, only migrate user data and not system data. If you need assistance with this step, we recommend you engage Buff Techs for support.
Feature Overview
The following features will be standard policies and configurations for every macOS device purchased by the University of Colorado Boulder.
Default Software Installation
The University of Colorado Boulder will automatically install and configure a default set of applications on all university-owned Apple devices. These include:
- Alertus
- Cisco AnyConnect VPN
- Jamf Connect
- Google Chrome
- Mozilla Firefox
- Microsoft Defender
- Microsoft Office 365
- Microsoft OneDrive (Prepare your data for OneDrive on macOS instructions)
- Microsoft Teams
- Zoom
Self-Service
The University of Colorado Boulder will offer additional software and tools through the Self-Service Application on your Apple device. This will enable you to install additional applications and tools to troubleshoot or fix your device without the direct support of an IT professional.
Software Patching
The University of Colorado Boulder will test and automatically install software updates to any application it has installed on your machine either from the default set of applications or any additional software you have installed from Self Service. This ensures vulnerabilities that unwanted actors may utilize are patched, and you and your data are protected.
Operating System Patching
The University of Colorado Boulder will test new operating systems patches and alert users when they are ready to be installed. A tool called Nudge will alert users when there is a new update and will indicate the deadline to patch your machine. For more information about Nudge, please visit the Nudge for macOS Updates page.
Data Backup
Automatic data backup will be performed by Microsoft OneDrive. During setup of a new device, you will be prompted to sign in to OneDrive. Once signed in, your computer will automatically sync your Desktop and Documents to the root of your university OneDrive account. If OneDrive has already created a Desktop and Documents folder, any data in those folders will automatically sync to your computer.
University-Authenticated Login
The University of Colorado Boulder will utilize a tool called Jamf Connect for login and account creation on your machine. During setup, you will log in to Jamf Connect with your university email credentials, and your user account will automatically be created. This account's credentials will stay in sync with your university IdentiKey.
Disk Encryption
Apple devices purchased by the University of Colorado Boulder will automatically be encrypted with FileVault, Apple's recommended encryption technology. This will protect you and your data while you are working, and will prevent bad actors from accessing sensitive data if your device is ever lost or stolen. If you are ever in need of your FileVault Recovery Key, you may reach out to the IT Service Center or your department IT professional for assistance.
Emergency Support
The University of Colorado Boulder will install tools that provide support and information in the event of an emergency on campus. The Alertus application will send out alerts for important situations occurring on campus. In addition, Teams will utilize E911 services to help dispatchers provide accurate location information to emergency responders.
Device Setup
Your Apple computer will automatically configure itself to meet the Secure Computing standards with the features outlined above. For a detailed guide to help walk you through the setup process, please visit the Remote Setup Guide for Macs.
If you wish to set up your old computer to meet the Secure Computing Standards, you can follow Reimaging and Resetting Your Apple Device (PDF).
