Versions Compared

Version Old Version 5 New Version 6
Changes made by

Former user

Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This page explains the changes, and what Biola employees need to know about how the changes will affect their computing experience.

...

Table of Contents
maxLevel1
minLevel0

 

...

Macintosh

Security and Privacy

  • Removed access to the "Security and Privacy" System Preferences pane.
    • FileVault Settings
    • Firewall Settings
    • Privacy and Location tracking settings
    • Apple Gatekeeper settings
  • Enforce ask for password immediately after screensaver or sleep. 
  • Enforce screensaver enabled after 15 minutes of inactivity. 

...

  • FileVault 2 Disk Encryption is enabled on the boot drive of the computer.
    • On computer restart, users will be presented with the FileVault 2 login screen. 
    • Only "enabled" users will be allowed to login to the computer.
      • Active Directory groups are not supported by FileVault 2. 
  • Password changes
    • When a user changes their NetID password (via login.biola.edu, for example), the password is scripted to sync with the computer, so on next boot the will enter their new password. 
      • Users will have to update their keychain password after login by entering their old password. 
    • If the new password doesn't work for some reason (indicating the scripted sync didn't work), users should login while plugged-in vie ethernet cable. Logging in with the old password will then get the user past the FileVault 2 login screen, but will not get past the OS login screen as it normally does. The user will then need to login again, using the new password. This will then force a sync. 
  • Helpdesk Support
    • When a user needs help from the Helpdesk, a Helpdesk technician will first need to enable the IT Helpdesk user account to get past the FileVault 2 login screen.

Windows

BitLocker Disk Encryption

 

  • BitLocker Disk Encryption is enabled on the boot drive of the computer.
    • The user experience will be seamless as BitLocker directly integrates with Active Directory.
    • Any user that is "allowed" to log-in to the computer can "unlock" the computer.
    • Password change procedure has not changed.
  • Helpdesk Support
    • Helpdesk technicians will continue to use their admin_NetID accounts to service computers.

Image Added

BIOS Restrictions

 

  • Bios Admin password has been set. (Never to be given to the end user)
  • Users will only be able to boot to the local HDD/SSD. 
    • PXE and Alternative media boot will need the BIOS Admin password.

 

Image Added

Screen Saver and Lock Screen

  • Screen Saver is enabled by default.
  • Mystify screen saver has been set and can not be changed.
  • The screen saver has been set to start after 15 minutes of inactivity and can not be changed.
  • On screen saver exit (computer resume) the computer will display the logon screen.  This can not be changed.

Image Added