Overview

UNLV Information Technology will remove administrator privileges for campus computers and install software, MakeMeAdmin, that allows users to temporarily access admin privileges on all IT-managed devices. Simultaneously, UNLV IT will encrypt hard drives on IT-managed devices.

Why Is This Project Needed?

With thousands of computers deployed to faculty, staff, and students, these devices are critical for conducting business and learning, but are also a significant point of vulnerability for cybersecurity threats. By leveraging technology that allows users only the necessary amount of access when they need it and encrypting device storage, we can help significantly reduce the risk to university’s data and computing environment.

Benefits and Outcomes

For campus customers, the MakeMeAdmin tool provides temporary admin privileges so users can make changes to their computers through a process as simple as logging in with their ACE account. Even users who did not previously have administrator access can now do more with their computers with less assistance from UNLV IT.

For the university, ensuring users do not have unnecessary full-time administrative privileges:

• Minimizes attacks by decreasing vulnerabilities hackers use to access data
• Reduces the spread of malware by only giving access for job functions at the right time
• Improves productivity by reducing system downtimes in event of breaches
• Safeguards against human error that can happen through mistakes or negligence

Additionally, encrypting hard drive data protects university and user data by ensuring only those people who should have access to a computer are able to do so, even if a computer is physically compromised.

What’s Changing

Customers who have previously had full-time administrative privileges on IT-managed computers, whether Windows or Mac, will have their privileges changed to standard user privileges. The MakeMeAdmin application will be installed to allow users to temporarily elevate their access after authenticating with their ACE account credentials, allowing them to conduct necessary changes on their computers when needed. Coinciding with the privilege changes, UNLV IT will use management tools to encrypt hard drives on IT-managed computers.

Project Timeline

Project Phases and Milestones (if applicable)

Pilot (Complete)

UNLV IT will conduct pilot testing with our internal users to ensure the success of the implementation before working with distributed campus equipment.

University Department Phased Rollout

Following the pilot test, UNLV IT will conduct privilege changes, MakeMeAdmin installation, and drive encryption one-by-one with each department. UNLV IT will inform users in the department ahead of the planned change date.

What You Need to Do

Watch for notifications from UNLV IT on when your computer will be configured and encrypted. UNLV IT will use computer management tools to enact the changes and no additional action is required, however, we always recommend keeping a secure backup of your data using a removable hard drive or syncing to Google Drive as a best practice.

UNLV Top Tier 2.0

Infrastructure and Shared Governance

The Computer Admin Access / Encryption project directly contributes to the university's goal of continually developing and leveraging the conditions necessary for success, including an improved infrastructure. The project ensures that the university's computer endpoints remain up to date, secure, and compliant with current policies. A proactive approach to maintaining and enhancing the IT infrastructure demonstrates the university's commitment to providing a robust and reliable computing environment for students, faculty, and staff.

Contacts

Technical Assistance

Contact IT Help Desk

Project Lead
Steve Ochsner, Endpoint Services Manager

Project Sponsor
Hector Ibarra, Associate Director Client Services