Under the Endpoint Protection Standard (EPS) all university owned computing endpoints must comply with a list of controls outlined in the EPS. Identifying endpoints that are currently unmanaged, with the intention of bringing them under management, will assist in meeting compliance. This document is specifically for end users in units supported by the OIT Managed Desktop Service (OIT-MDS) and is scoped to ensure compliance with Phase 1 of EPS implementation plan.
How To Identify An “Unmanaged Endpoint”
Start with the End User - The user(s) of each endpoint are often the best source of information regarding whether an endpoint is managed. They might update the applications on the machine themselves and will likely have administrative rights to manage that endpoint. They will usually know if they have an unmanaged machine. Most of your unmanaged endpoints can be identified by the end user. It is their individual responsibility to let LANTechs and OIT know about any unmanaged machines they use. Ask them to self identify and provide the requested data.
Look for the Label - OIT-MDS follows a standard practice of providing a label for convenience of support on all endpoints that we support. Typically they include the Computer or Machine name, MAC address, and sometimes the IP address. These labels are usually placed in a visible location on the top or side of desktop towers and on the bottoms or on the palmrest of a laptop.
Computer Name - Each endpoint should have a name listed in it’s settings to uniquely identify it. Users may be familiar with their organizational unit (OU) designation which makes up the first part of that name. Examples: CONGRANT, FINAID, GLBT, UNIVAUD. The first part of the name will include that designation. Most endpoints that include those naming conventions are highly likely to be managed, but there is a possibility they are not. However, this naming convention is a strong indicator the machine is already managed. End users will be able to provide further details, based on the computer’s behavior and who they call for support, to help determine whether their endpoint is managed by OIT.
Mac Self Service option - Mac endpoints currently under OIT management will have Self Service enabled in their Applications pane. If Self Service does not appear it is NOT being managed. Look under Applications for "Self Service".
Miscellaneous Indicators - OIT managed endpoints will exhibit specific behavior. Desktop computers will include the OIT Managed Desktop background when locked. If left powered on over the weekend they will have been restarted by Monday morning and require the user to login. Users may have received a WolfAlert warning on the desktop during a dangerous weather event. Users will have received regular support from OIT-MDS staff if they needed onsite assistance. If the endpoint is unmanaged they will have received limited support and OIT staff will have informed them the machine is unmanaged.
Any questions on process or content contained in this document should be escalated through the NCSU Help desk and a have an incident assigned to the OIT_DESKTOP_SUPPORT team.
Rule 08.00.18 - Endpoint Protection Standard
https://ncsu.service-now.com/sp?id=kb_article&sys_id=179e6be6dbfbaf88d3bc9c16db961927
https://ncsu.service-now.com/sp?id=kb_article&sys_id=40c28846db007340d3bc9c16db961948
Title: Identify an Unmanaged Desktop or Laptop
Service: IT Service Delivery & Support
Template if applicable: NA
Assignment Group(s): OIT_DESKTOP_SUPPORT
Document Owner: OIT_DESKTOP_SUPPORT
Available Priorities: Medium, Low
Keywords: is my desktop managed, how do I know if my desktop is managed, is my computer managed, OIT Managed Desktop Service, how to tell if my computer is managed, is my endpoint managed, is my Mac managed, is my laptop managed, Identify an Unmanaged Desk