Unmanaged Devices Connecting to the University Network
ITS Standards
Introduction
The purpose of this document is to introduce the set of standards that are required to adhere to the operation within the University at Albany’s network. Devices and Workstations that are connecting to the University network must follow the Responsible Use of Information Technology Policy. It is important to note that unmanaged devices that are running outdated operating system or software poses security risks to the University network.
Unmanaged Definition
Unmanaged devices are devices that are University Owned and are unable to be on ITS device management solutions such as Active Directory, Mobile Device Management, JAMF, etc. Examples of these devices are Apple Vision Pro, VR devices, RaspberryPIs, and general Internet of Things (IoT). Another factor contributing to unmanaged devices could be business or research constraints preventing their management. It's crucial to emphasize that devices must be set up by default to enable effective management.
Connecting to the Network
Student
Student's devices on the dorm side must be registered using Apogee registration. For those on campus must use the Eduroam network.
Faculty or Staff
Faculty or Staff must see their Technology Coordinator to register their devices in NetReg. Faculty or Staff's devices must also have a description of the device and its purpose. Network printers, IoT (Internet of Things) or other such embedded devices are required to be place in the internal, private network.
Remote Access
To securely access your unmanaged device remotely, members of the UAlbany community must use the University's VPN (Virtual Private Network). It is supported by ITS and is the recommended secure method for accessing the University's network. Palo Alto GlobalProtect is the current service that is being used. This service can be found at https://uavpn.albany.edu/. For more in-depth information regarding to VPN on campus visit the VPN Wiki Page.
Unmanaged Devices Requirements
Any device (desktop, laptop, phone, tablet, VR Goggles, etc.) connecting to the University at Albany campus network, either locally or remotely, must comply with the following standards:
The operating system (OS) and installed software applications must be currently supported and have all updates, patches and fixes to protect against known vulnerabilities. Where possible, automated updates must be enabled. Devices running outdated operating systems must be kept off the University network.
Be free of malware (viruses, Trojans, worms, bots, spyware, etc.).
Have an installed, operational, antivirus program with up-to-date virus definition files. The highest level of antivirus protection is provided by using the auto-update feature. Managed University-owned machines are equipped with Microsoft Defender for Endpoint.
Complex passwords must be used on any device connected to the University network.
Use an installed firewall, especially if it is supplied with the operating system.
Unmanaged devices would be supported by ITS with best effort of support. For instance, any new/old technology that ITS currently does not support may have some consultation but no guarantee of support.
Unsupported, out of date OS (Ex. Previous versions of Windows like Windows 7, XP, 98…) is not allowed. Please contact askIT@albany.edu for more information.
Note: Windows 10 End-of-Life October 14, 2025. Machines with Windows 10 must be upgraded to Windows 11.
Additional Notes for Researchers
Researchers that require usage of outdated operating systems must be either off the network or under a private network with firewall filters in place so that only the researcher and/or their students can access information. Please contact askIT@albany.edu for more information.
Network Access Storage device (NAS) must receive the approval of Information Security Office. Such devices and their owners are required to meet the Standards for Connecting Servers to the University Network as well as any data compliance requirements as set forth by regulatory agencies.
Suspension of Network Access
It is important to note that if ITS deems that the device cannot be supported by them, then the owner of the device should find alternative support. ITS reserves the right to suspend the network access of any device connected to the network that represents a threat to the confidentiality, integrity or availability of University information assets, including systems which are not compliant with University policy, regulatory or legal requirements. Such suspension shall include notification to the registered user. See also the University's Information Security Policy.