What is OIT’s role in Secure Computing standards for computers and servers?
As described in APS 6005, the CIO is designated by the Chancellor with oversight authority for all campus IT operations and may enforce the requirements of University and campus policies for information security. OIT is providing and supporting solutions that will make it easier to comply with the new standards. Finally, OIT may shut down IT operations that are out of compliance with this and other IT policies.
I do not have an IT person. How do I receive Secure Computing support?
Support for people who do not have dedicated IT staffing may request assistance through the IT Service Center by calling 303-735-4357 or oithelp@colorado.edu. Alternatively, you may schedule an appointment with Buff Techs.
With this change to Dell and Apple computers ordered through the CU Marketplace, will order fulfillment take longer than before?
No. This change to Dell and Apple computers will in no way affect order fulfillment or delivery times, so you don’t need to build in more time to your order.
Will I still contact my local IT support person for assistance with my new computer?
Yes, you can still contact your local IT support person for help or assistance with your new computer. The new out-of-box, hands-off setup experience provided through the Secure Computing standard should be quick and trouble-free. However, you might feel more comfortable scheduling a time with your IT support person to walk through that initial setup together. Alternatively, you could schedule a time with them after the automated setup is complete to make sure you have everything you need. Perhaps there are additional applications that need to be installed, or custom tweaks to your software are needed. Your IT support person can certainly continue to assist you with these and other needs, just like they have in the past.
Will the departments need to pay for adhering to the standards?
For desktops and laptops, licensing is included in our campus A5 license. OIT will pay for server licenses (Defender for Endpoint Plan 2) through June 30, 2024) Departments will need to anticipate and plan for this cost in future years starting in FY25.
Will there be exceptions to the standards?
If there is a compelling business reason for an exception, it will be considered on a case-by-case basis. Exceptions must receive approval from both the Provost and Executive COO, in consultation with the Senior AVC/CIO. Visit the Computer Standard Exception Process page for a detailed description of the process as well as the necessary forms to fill out.
What mechanism will there be for securing or excepting specialized research software or hardware items from the restriction of end of life/unsupported software? What if a system uses legacy software which cannot be updated in support of an expensive piece of hardware?
As part of the exception process, OIT Security will work with the requestor to review the capability for compensating controls (e.g., network disablement/isolation) to minimize the risk of using legacy software. Exceptions will be granted on an individual request basis and, if a compelling business reason exists, must be approved by the Provost and Executive COO in consultation with the Sr. AVC/CIO. Visit the Visit the Computer Standard Exception Process page for a detailed description of the process as well as the necessary forms to fill out.
Do the standards apply to all brands of computers?
Yes. Ordering a Dell or Apple computer through the CU Marketplace will arrive pre-configured to automatically apply settings and software needed to ensure compliance with the Secure Computing standards. Other brands of computers will require more manual configuration and setup to comply with the standards and will be the responsibility of the user in a later phase that addresses existing computers. All computers will be required to comply with the Secure Computing standards unless an explicit exception has been granted.
Can I install my own software?
Yes. You can still install your own software on the computer. You may find the software you need is already available via the Software Center (Windows) or Self Service (Mac) applications that come pre-installed on your computer. If you find that you need software that isn’t available via the self-service options, you may download and install the software on your own. Be aware that one of the Secure Computing standards requires that any software you install is current, regularly updated, and supported by the vendor. Third-party software is just as susceptible to targeted security vulnerabilities as the underlying operating system, so it’s important to remember that you are taking on the responsibility to ensure that the software you install is kept up-to-date.
If we have existing computers that do not comply with the standards, will we have to buy new computers?
OIT is working on ways to ensure qualified computers can be brought into compliance, rather than replacing them. However, if existing computers are unable to be upgraded, new computers may be required.
I am receiving an error when trying to set up my new computer, how do I solve the issue?
During the initial setup of your Dell computer, you will be prompted to enter your IdentiKey username and password. If you enter your Identikey username of password incorrectly, you will get an error message indicating as such. If you receive any other error message within 30 seconds or so of entering your IdentiKey, the problem is likely that you do not have the appropriate Office 365 license assigned to you.
Check the status by having the computer's primary fill out the Office 365 Apps License form (on-campus or VPN connection required). Completing this form will either notify that a license already exists for the user or a ticket will be created to assign the license (should take no more than one business day). For assistance with licensing or any other issues contact the IT Service Center at oithelp@colorado.edu or 303-735–4357 to get help.
What if my existing computer is too old to comply with the standards?
If a computer is unable to run an operating system that is currently supported, the computer must be replaced. Learn more about purchasing a new windows or new apple computer.
What is the benefit of purchasing new computers through Marketplace?
Purchasing new computers through Marketplace is the ‘Easy Button’. The computer will arrive pre-configured to automatically apply settings and software needed to ensure compliance with the Secure Computing standards. You may also find the initial setup of the computer to be more simple and faster than in the past, as the individual installation of standard software and configurations are no longer needed. The setup is flexible enough to be completed from your home, campus, a coffee shop, hotel, or a beach. Anywhere you can connect to the internet will support a Secure Computer.
What if the higher-end and specialty computers I need are not available through the CU Marketplace?
You may need to work with Dell to use a custom quote for your order. You can use the Dell purchasing page in the CU Marketplace to access a list of Dell contacts that can help you with your order.
What if the computers available on the CU Marketplace don't meet my business needs?
If you decide you need to purchase a computer from an alternative vendor, you will still be required to meet the Secure Computing standards. It may be possible for you to work with OIT to manually enroll the non-Dell Windows computer in the Secure Computing program. Contact the IT Service Center to submit a support request.
Are Secure Computers backed-up centrally?
All Secure Computing computers back up any data stored on the Desktop and in Documents to your OneDrive. Data stored outside these locations are not backed up. It is recommended that all data be stored in these specific folder locations. Alternatively, you can also use the OneDrive application to store and access files in OneDrive.
What should I do with my Secure Computer at the end of its lifecycle?
University of Colorado policy states that all computing devices purchased with university funds (included grants) are considered the property of the university and must be returned and disposed of through Property Services. Learn more under Disposal of Electronics on the Property Services website.
