SMU is modernizing how University-managed Windows devices are set up, secured, and supported. OIT currently utilizes a management platform for Windows devices that helps secure and maintain SMU computers. This includes everything from the standard installation package to software updates and upgrades to security patching and remediation. Over the next year, device management will transition to Microsoft Intune, Microsoft’s Mobile Device Management (MDM) platform, aligning with Windows 11 and future versions of Windows.
This change will be phased and designed to minimize disruption while improving reliability, security, and classroom readiness. Here is a high-level timeline of what to expect:
Phase 1: Devices Enroll into Intune
(Background enrollment – minimal impact)
What’s happening
- University-managed Windows devices are enrolled into Microsoft Intune in the background.
- This prepares devices for future configuration and security improvements.
What users will notice
- Little to no visible change
- Devices continue to function normally
- No change to login or daily workflows
Why this matters
Intune allows devices to be securely managed whether they are on campus, remote, or traveling—without relying on traditional on-network tools.
Phase 2: Self-Service Software Install Moves to Company Portal
What’s happening
- Ivanti Portal Manager will gradually be replaced by Microsoft Company Portal for self-service software installs on managed Windows devices.
- Company Portal becomes the primary place to install SMU-approved/licensed applications.
What users will notice
- A new app called Company Portal
- A modern, consistent application catalog
- Easier access to approved software, especially off campus
Why this matters
Company Portal works anywhere you have internet access and integrates directly with Intune and Windows security.
Phase 3: Policy Transition Testing
What’s happening
- OIT will begin moving select settings to Intune configuration policies.
- This testing happens first on pilot groups and non-disruptive settings.
Phase 4: Policy Transition
What’s happening
- Policies are applied to devices based on user or device groups (for example: faculty, staff, labs, classrooms).
Why this matters
This improves reliability and reduces unnecessary prompts or restrictions, especially in teaching and learning environments.
Future Plans:
Transition to Entra–Joined Devices
- This will be a phased roll-out with as minimal user interaction/disruption as possible
Autopilot for All New Devices
- All new University-managed Windows devices will be set up using Windows Autopilot.
- Devices arrive to users ready to sign in—no long setup process.
Preparing for a Passwordless Future
As devices move toward Intune, we are preparing for a passwordless sign-in experience, which would allow for:
- Signing in using Windows Hello for Business (PIN, fingerprint, or facial recognition)
- No repeated password prompts throughout the day
- Stronger security than traditional passwords
While this journey will take one to two years to fully implement, we promise to keep the community informed as each stage progresses. We are proceeding cautiously to ensure minimal to no impact on SMU devices.
