Skip to main content

Mac Management

Why does my Mac need to be managed?

Accessing UMSOM data through applications like Outlook and the OneDrive sync client keep company data cached on your device. Due to various HIPPA/State compliance requirements, we require all data to be encrypted at rest. Intune can assure SOM IT that any Mac accessing UMSOM data via an installed application is secure. SOM IT has the ability to remove all company data from the device in the event of theft/loss.

By failing to enroll your Mac with Intune, you are giving up your right to use installed applications with your UMSOM account. The only way to access company data at that point would be by logging into the Office 365 portal (https://portal.office.com)

Please refer to this document if you have any questions in regards to what UMSOM IT can or cannot view on your device:

Personal vs Corporate ownership

Devices enrolled will automatically get identified first as "personal". A personal device's compliance requirements are less restrictive than corporate owned (UMSOM) devices. You must bring your device into compliance before the installed applications continue to work with UMSOM data.

Personal device compliance requirements:

  • ​Encryption Enabled
  • Password Required to Unlock, Minimum Password Length- 4 characters

Corporate device compliance requirements:

  • ​System Integrity Protection
  • Require device encryption
  • Screen Lock after 15 min of inactivity
  • Password Required
    • Simple passwords blocked
    • Minimum password length - 9 characters
    • Alphanumeric password required, 1 non-alphanumeric character required
    • Password expires every 365 days
    • Prevent last 20 PW's to be reused

Microsoft Office, Microsoft Teams, and the OneDrive sync client will be automatically installed via Software Deployment for corporate devices only. If your device is university owned, it is your responsibility to ensure that the device is properly registered. Please contact SOM IS if the device type isn't correct (see below screenshot). Note: All Mac devices bought by SOM IS since 2015 should automatically enroll as corporate devices.

Personally owned devices can install Office via the O365 portal, and Teams/OneDrive via the Mac app store.

Device compliance

As stated above, device compliance is mandatory to access SOM resources via desktop applications. If you receive a message similar to this, you must enroll your device into Intune for it to continue working

 

Enrolling your Mac into Intune

1.) Go to https://portal.manage.Microsoft.com and sign in using your UMSOM credentials

2.) Click the "" icon in the upper left of the screen, or click the link (screenshot below) to enroll your Mac

3.) Install the company portal app. Launch it from your Mac and sign in. Registration will begin at that time.

4.) Approve any profiles that may be required. If you get stuck, the app has links which should launch the windows where the change needs to be made (you can refer to the video for more examples).

 5.) Verify the device is in compliance. If it is not, use the instructions inside the company portal to remedy the issue. Once the compliance status is met, Outlook and other Office apps will now work.

 

Enrollment Instructions (video based):