1. What does it mean if a DOM computer is deemed no longer secure and at the end of the support cycle?

When software and hardware are deemed no longer secure and at the end of the support cycle, it means that it will no longer be supported by the developer of the software and manufacturer of the computer. There will be no more updates. Without updates and bug fixes, the software and computer become vulnerable to hackers and cybercriminals. Once DOM-IT determines a computer is no longer secure it is placed in the schedule to be collected and must be replaced if it still needed. Refer to the Department of Medicine Device End of Support Policy for further information.

2. Is there a timeline for determining when a computer is no longer secure?

There is not a specific timeline. There are three primary factors involved in determining when a device reaches its end of support status.

• Each supported device must be running an operating system (OS) that is provided with regular and timely security updates by its vendor for it to be supported and allowed on the Department of Medicine secure network.

• The device must also be capable of running required security and management tools.

• The hardware of the device must be capable of being reasonably maintained by IT.

3. Do computers with a DOM sticker indicate it is a DOM asset even if it was funded by a grant?

Yes, the university requires Departmental IT to track all IT assets and DOM-IT labels all the assets ordered by DOM-IT with a DOM sticker. Assets ordered by DOM-IT are procured with university funds from grants, startup packages, division funds, gifts, and UWMF faculty professional funds and are considered UW property regardless of the fund source.

4. If I am required to replace my primary computer because it is no longer secure, which funding string should I use when ordering a replacement on the IT Purchasing form?

A faculty or staff members primary computer will be funded by their division. Your Accountant or Division Administrator can assist with identifying the appropriate funding string to use for a replacement computer if it is not known. If you need to replace additional equipment outside of your primary computer, faculty and APP’s must use their professional funds or research discretionary funds to purchase additional equipment.

Lab personnel will use faculty PI discretionary funds to replace computers determined to be no longer secure. However, if lab personnel must continue to use old computers to perform their work, refer to question #5 for more guidance.

Research personnel may use research-related funding, provided computer purchases were included in their research budget or RSP approval is obtained. Your Research Accountant or DOM ORS can assist with obtaining any required approvals. Alternatively, PIs may use discretionary funds to replace computers for research personnel.

5. Will old computers with DOM stickers, that are not connected to the K-drive server be forced into retirement?

No, if you have a business need to continue using a computer approaching end-of-life, you can submit a Request for Extended Device Support. Devices approved for continued support will have security controls in place to reduce risks, such as no access to the internet.

Please note: This exception is for those use cases where research equipment is connected to a computer has specific requirements to run. DOM IT is responsible for any device, virtual or physical, used to conduct UW-related business, that connects to the UW System-managed network, and/or used to access, manage, process, or store UW System data.

6. What happens to the IT equipment that is deemed no longer secure and is collected upon DOM- IT request? Specifically, computers that were purchased using grant funds?

All computers supported by DOM IT are considered university owned and will follow the same collection procedures regardless of the funds used to purchase this equipment. The computer’s hard drive is removed and destroyed to comply with the UW-130 Destruction/Disposal of Protected Health Information and the rest of the system is sent to UW-SWAP.

7. If the collected computer is refurbished and sold (e.g. through UW-SWAP), does the money from the sale get returned to the grant from which it was initially purchased, or does UW/DOM receive the money from the sale?

No sales or credits occur when computers are sent to UW-SWAP. Computers sent to UW-SWAP for recycling are sent in a non-functional status.

8. Will DOM-IT collect my computer before I have a replacement?

No, DOM-IT will continue to support your computer until the replacement is deployed or will continue supporting the computer if a Request for Extended Device Support is submitted and approved.

9. Why does my device run slower over time even though I'm not doing anything different with it?

There are several reasons for this, however, one major reason is the required management tools currently in use are always evolving to be more powerful and robust which require more computing resources being utilized per device over time. As machines age, they have fewer resources available to do meaningful work because the management tools start using too high of a percentage of the set amount of resources available. Sometimes this can be mitigated by upgrading the ram or increasing the speed of a CPU or hard drive, but the industry trend is to manufacture machines that are not upgradable any more than what’s provided at the time of purchase. This explains why a given device tends to slow down over time even if the actual meaningful workload doesn’t increase. Once the combined utilization of management tools and useful work become too great for a particular device, software tends to crash or at the very least run extremely slow and this has a large effect on the efficiency of any particular workflow. When hardware cannot meet the demands of running all of the required management tools and do meaningful work at the same time it is a good sign that it should be replaced with something newer.

 

Related Documents

SMPH Endpoint / Device Standards

SMPH-6010 Endpoint Security

UW-526 Endpoint Management and Security Policy

UW System Administrative Policy 1036: Endpoint Protection

 

 

16171082023827

Was this article helpful?

0 out of 0 found this helpful