Intercollegiate Athletics IT Support

157 Bryce Jordan Center, University Park PA, 16802

ICA Device Policy (ICA–DEVICE-03)

by

  1. Approval and adoption and revision
    Approved by the Information Technology Manager on March 21, 2023.
  2. Purpose
    Provide oversight on the purchase and control of computing equipment used by Athletics staff members.
  3. Scope
    This policy applies to all computer and communications devices owned or operated by Intercollegiate Athletics excluding cell phones.
  4. Policy
    1. General
      All devices must adhere to Penn State University acceptable use policies (AD96).
    2. Budget
      1. Any device purchased, regardless of budget, will be the property of ICA and strictly controlled by Athletics IT. Initial purchase of computer hardware for newly created positions will be purchased using the department’s funds. Future upgrades and replacements on these devices will be funded by the Athletics IT budget. Devices for staff members requiring specialized hardware or software will be discussed on an individual basis. Funding for these devices will be discussed individually as well.
      2. All IT-related purchases must be made through the Office of Athletics IT. Requests will be made in writing through the team’s senior administrator, and budget information must be supplied at the time of order.
    3. Workstations
      1. If a new workstation (laptop or desktop) purchase is required, the models of choice will be determined by Athletics IT.
        1. Available models will be determined by Penn State’s Dell Standard Configurations selection which is renewed yearly and Apple’s availability in their store.
        2. Preferred workstations will be determined by Athletics IT based on cost, ease of deployment and maintenance, and need.
          1. Dell workstations will be the default brand.
          2. Athletics IT will discuss purchasing requirements with departments that require specific hardware due to software needs.
      2. Workstations will remain within the department in which it was purchased unless otherwise noted.
    4. Other Devices
      1. Athletics IT will provide a list of preferred printers, tablets, other computer peripherals, and other devices.
      2. All purchases are subject to approval by a budget administrator and Athletics IT.
    5. Useful Life
      Athletics IT will replace the primary computer at their expense when the useful life of the product has been reached. Useful life is defined as the duration of time between purchase and when the device’s functionality is limited, obsolete or can no longer function due to hardware or software limitations.
    6. AntiVirus & Vulnerability Scanning
      1. All Athletics-issued devices will have an antivirus platform applied during imaging.
        1. Athletics-issued devices will comply with Penn State policies regarding which software packages are deemed necessary.
        2. Athletics IT will use various methods to achieve full compliance on all devices.
        3. All antivirus solutions will automatically update to ensure compliance.
      2. All Penn State networks issued to Athletics will allow scanning by Penn State automated vulnerability scanners unless otherwise noted.
        1. In the event that Penn State automatic vulnerability scanners detect an issue, Athletics IT will take appropriate action to rectify the incident, including but not limited to removal of the device from Penn State networks.
    7. Software Patching
      1. BigFix (IBM Endpoint Manager)
        1. Software installations, patches, fixes, and scripts can be run from the BigFix console by all IT personnel. Monthly, all common software applications with patches are pushed by the console to all applicable workstations. Servers are excluded from BigFix patching.
      2. WSUS
        1. Critical and Severe patches are automatically assigned and delivered as released by Microsoft to workstations and servers. Other security patches need to be manually approved by IT personnel after successful testing and delivered to downstream machines.
        2. JAMF
          1. All Athletics-issued Apple devices are bound to the JAMF infrastructure.
      3. Patching Schedules
        1. BigFix (IBM Endpoint Manager)
          1. Patches are usually delivered overnight to avoid interruption to users unless warranted due to criticality.
        2. WSUS
          1. Workstations
            Workstations check in every ten hours for available updates. Any updates marked Critical or Severe are automatically accepted. Other updates manually approved by IT will be downloaded at this point. Installation is required to be performed no longer than two days after installation. The user may choose to postpone updates until that deadline after which the workstation will automatically apply the update.
          2. Servers
            Servers check in every ten hours for available updates. Any updates marked Critical or Severe are automatically accepted. Other updates manually approved by IT will be downloaded at this point. Installation occurs during the patching window applied using Group Policy rules set up during domain registration. Certain servers are excluded from automatically patching on a schedule and require manual reboots.
          3. Micros
            Micros terminals located in Beaver Stadium are patched prior to the fall football season. Patches are then suspended for the duration of the semester. Micros terminals in other venues are patched as normal workstations.
          4. XOS
            XOS terminals are patched prior to the fall football season and after the season ends. Feature updates to new Windows versions are limited to the approved versions by the vendor.
        3. JAMF
          1. Athletics-issued Macs are bound to the JAMF infrastructure. OS patching is performed manually by IT personnel. Macs which utilize highly specific software such as Photoshop, Premiere, or HUDL may avoid OS updates. “Dot” releases are patched automatically as released by Apple.
      4. Patch Testing
        1. Patches will be tested on a small subset of computers before being pushed to all Athletics computers. Once considered safe, the patches are pushed to all applicable devices.
    8. Life Cycle
      When a device has reached its end of life, it shall be subject to this policy.

      1. Definition
        1. A device is deemed to be at “end of life” when its usefulness to the Athletics department has been exceeded, or if the vendor support on the device has been exceeded and the device’s security posture is reduced as a result.
      2. Reissuing Devices
        1. Devices that have not yet reached their end of life and can be reissued to employees will have their system reimaged using the same hard drive. All machines will be reimaged with the latest approved operating system unless an exception is granted.
      3. Sanitization of Data
        1. All hard drives, tablets, or cell phones are to be wiped of data before being reissued to new users. Devices which have reached end of life or beyond repair and warranty are sent to Penn State Surplus & Salvage for destruction of data and recycling of the device.
Print Friendly, PDF & Email
UNIVERSITY PARK WEATHER
Intercollegiate Athletics IT - 157 Bryce Jordan Center, University Park PA, 16802