macOS Security Transition Documentation - Spring 2023

What this is and why it is needed

Up to date operating systems are an important part of ensuring that campus owned computers run to the best of their abilities and ensure the ability to run the most up to date versions of the software that faculty and staff leverage in their daily duties. Additionally, an up-to-date operating system also ensures that campus owned Macs are patched against the latest threats.

With this process of ensuring all campus Macs are up to a supported version of macOS, SUNY Fredonia will also be implementing a new security baseline for campus owned macOS devices. The need for this baseline is to properly secure campus owned Macs to conform to the compliance required by New York State and our cyber insurance policy. Part of this new baseline will also create a better framework for keeping macOS operating systems up to date across campus.

Described in the links below, there will be a number of changes that you might notice as part of your general usage of your campus supplied Mac. Some of these changes might be extremely small and others might be more noticeable. For that reason, we will try explain the need for those larger changes so that you can better understand the need.

How this will occur

To facilitate a consistent approach to our macOS configurations for Faculty and Staff going forward, there will be a transition to bring your Mac into the new security baseline, on the latest campus supported version of macOS. To this end, the process of the transition will be the following:

  1. SUNY Fredonia ITS will review the campus owned Macs deployed to your department and create a ticket in Tracker for each computer and include the following information:

    1. Currently installed software that is not part of the standard install and verify if the software is still approved and supported on the current version of macOS

    2. Currently installed campus printers

    3. The user that it appears to be assigned to

  2. SUNY Fredonia ITS will reach out through the Tracker ticket (email) to the assigned user and discuss any software that is not currently supported/approved so that a can be submitted to start the review process. This must occur for any software installed on campus owned computers, regardless of cost, even if it is open source. At this time, you can let us know of any software that is no longer needed.

  3. Once the software is approved or determined to not be needed, it is important to back up all of the important data from your computer. The following link with give you a list of . The suggested first choices should be OneDrive for Category 1/2 data (due to the forthcoming hard quota in Google), and an M or U drive for Category 3 data. Directions for and are in those links.

  4. Once you data is backed up, the transition will be scheduled. For laptops, you will drop the laptop off to the ITS Service Center. For desktops, the transition will occur at the location of the computer (so long as it is possible). At that point, the Mac will be erased and have the latest campus supported version of macOS installed.

  5. After the installation of a clean macOS and the deployment of our standard security, any approved software you need will be installed on the Mac and printers that you previously had will be deployed as well. Once completed, the tech will make sure that you can log into the computer and that everything looks correct.

What is changing

As mentioned in the first section, below are links to other KB articles detailing the main changes that you might experience and, where applicable, the reasoning behind the change. Due to the multiple configurations based on age of the machine, you might experience changes that might be different from your colleagues; if you have any questions, please submit a ticket by emailing Tracker and we can assist.