ICT have been working to improve how we provision and manage your College Mac & PC. This includes improving how to keep the device secure once it is with you.
As part of these improvements, we are adopting a Zero Touch approach which allows us to ship devices straight to you from the supplier, with our dedicated configuration taking place during setup, as opposed to being sent via ICT for initial configuration.
With a device configured for Zero Touch, when you power on the device for the first time it behaves much like a personally purchased device. It will ask you some initial setup questions including time-zone and some other preferences and will then prompt you for your @ic.ac.uk login information. After you enter your username and password, you will then have to wait between 20 and 30 minutes (depending on your network connection) whilst the device completes its final configuration – including installing Microsoft Office, Anti-Virus and some other College tools.
A key benefit of this approach is the speed at which we can get the device to you. In enabling you to complete the final configuration yourself, devices ordered from approved suppliers can go straight to the desired user rather than having to go through ICT, which often has a multi-week wait, beforehand.
A second notable benefit is that you can self-serve some remedial actions. For example, should a device no longer perform as it once did, you are able to backup and reset your device at your leisure to get it working as expected – an action previously taken on by ICT that could often take a few days to complete.
A final key benefit is security – configuring devices in this manner allows ICT to wipe and lock a device should it get lost or stolen. Although there are some situations in which this might not work, it gives us another tool for protecting the device and your data held on it.
Why is ICT doing this
Within ICT we are constantly striving to do the best for our users, and we believe this approach gives an overall better experience. As well as protecting the device if stolen or lost, this method also ensures that the correct ownership is applied to the device throughout its lifecycle. It enforces that those devices bought with College funds, be that research grants or otherwise, remain the property of Imperial College until such time as they are correctly disposed of.
What ICT is not doing
ICT is not attempting to exercise significant control over the device and is simply applying configuration that keeps the device up to date and secure. By applying these configurations, we are also working to industry practice and guidelines that help Imperial College secure research funding via the Cyber Essentials certification.
Can I opt-out
You cannot. As this is an Imperial College London owned machine, it is managed in line with Information Security Policy as per below:
11.8 When using College IT resources I must comply with the College’s Information Security Policy including this Acceptable Use Policy, JANET Acceptable Use Policy, and all relevant statutory and other provisions, regulations, rules and codes of practice. Specifically, but not exclusively, I must:
11.8.12 not remove or disable any diagnostic and management software installed on College computers by ICT.
Love your device
Updates are important to keep your device safe. Our updates schedule is set to mimic the normal security update release cycles that Microsoft and Apple follow, with the occasional College-specific update that looks to mitigate a discovered vulnerability.
If you find something doesn’t work after an update – please contact ICT Service Desk so that we can assist.
Find out more ways to Love your Device.