Charge
The Asset Management (ASM) team is primarily charged with the curation of the "ProtectUs Essentials" (a bundle of applications that enable UC Merced to meet the requirements of the mandate, specifically EDR software) and its deployment to university-owned devices. Secondarily, the team is charged with the following:
- To support the continued security of newly purchased devices and management of existing devices, the team is:
- Designing a campus-wide asset tag for quick identification of a device's ownership status
- Developing and re-establishing processes around UC Merced laptop and desktop procurement
- Configuring a device management program that will allow IT to support devices with automatic updates and changes
Mandate Requirement
Ensure identification, management, and vulnerability assessment of all computing devices connected to university networks.
Deploy and manage Endpoint Detection & Response (EDR) software on 100% of University-owned computing assets defined by UC EDR deployment standards.
Methods of Achievement
Device Management Program
What's Happening
With the mandate requiring some changes to how UC employees engage with devices, OIT is working on a centrally-managed system for managing devices. The goal of this system is to allow quick and easy installation and configuration of devices with the ProtectUs Essentials and, in the future, more.
This process looks a little different depending on the system you are running. Here are some resources on how to get enrolled and become compliant.
- Note: OIT recommends you backup your data BEFORE enrolling your device. While there is a low probability of issues and data loss, it is always a good idea to have a secure data back-up of your system for safety purposes.
- Self-Guided Apple Device Enrollment
- Guided Windows & Apple Device Enrollment
Supporting Resources
ProtectUs Essentials
What's Happening
OIT is in the final stages of curating what will be called the "ProtectUs Essentials," which is a bundle of applications that will be required on all university-owned devices. Within this bundle of applications is Endpoint Detection and Response (EDR) software, also known as Anti-Virus software, which is the most important in meeting the system-wide mandate. Included in the bundle beyond EDR are VMP, Backup Software, and Device Encryption. As of today, you can download the Backup software and get assistance with encrypting your device via the ServiceHub. More information on EDR and VMP will be coming soon.
Supporting Resources
Device Ownership Verification
What's Happening
In our efforts to reach 100% compliance, OIT will begin sending Device Ownership Verification emails to Staff, Faculty, and Graduate Students who authenticate to the network on devices that are not enrolled in the Device Management Program. We will begin sending these notifications and further updates in the coming weeks.
Microsoft Sign-on
What's Happening
Starting September 15th, 2025, when you log in to a UC Merced Microsoft or Amazon Web service (AWS), instead of seeing our Single Sign-on (SSO) screen, you will see the new Microsoft Sign-on screen. Microsoft Sign-On allows you to log in to the suite of Microsoft applications, services, and websites in addition to select campus services such as RemoteLab, which are managed through Amazon Web Services.
The launch of Microsoft Sign-on will enable Windows devices to self-enroll in the UC Merced Device Management Program. After an extensive evaluation of alternative solutions, the Office of Information Technology (OIT), in collaboration with campus partners, determined that this approach best meets our needs within the available timeframe and minimizes campus disruption.
Asset Tagging
What's Happening
To assist in identifying devices as university-owned assets, OIT will begin asset-tagging devices that download the ProtectUs Essentials and enroll in our managed device state. These asset tags are tamper-resistant and will have a unique identifier so our technicians can quickly identify the device. This will also assist in returning the device to its intended owner when devices are lost or misplaced.
Design of Asset Tag
Supporting Resources
Device Procurement
What's Happening
In partnership with Procurement, OIT has developed connections with preferred vendors that will make the device purchasing and management process easier. These connections will become punchouts in BobcatBuy+ that are full of curated devices. The goal is to make selecting a new device easy and for those new devices to automatically be enrolled into the managed device state, so upon arrival, it will begin configuration and be ready to go. More information will come soon.
Supporting Resources