How To: Register Your Norwich-Owned Apple device with Microsoft Entra

To comply with cybersecurity insurance and information assurance regulations and requirements, we must base staff and faculty access to Norwich resources on the operating condition of the computers they do their work from. To accomplish this, we are using a service provided by Jamf and Microsoft to evaluate a computer's security and base a compliance flag in Microsoft Entra showing the device as able to access Norwich-owned resources. This is a part of our larger move towards a more secure computing environment, including moving our Windows machines to Intune, and deploying proper bring-your-own-device policies (to be announced later).

Currently, the compliance requirements for a Norwich Mac computer are:

• Your account must be enabled
• Your computer must be on macOS 13 or higher
• Your computer must have been rebooted within the last 14 days. This is a rolling 14-day window.

The compliance requirements are subject to change based on Information Security requirements, user risk status, and any other factor that would require changes to the compliance policies. If your device falls out of compliance, it will be flagged as non-compliant in Entra, reducing, or removing, access to some or all of Norwich-owned resources. This also helps us ensure our computer fleet stays up to date with OS and security updates, as well as ensuring our users are rebooting their computers on a regular schedule. Also, it provides a method that ensures Norwich-owned data is only being accessed from known, up to date, and compliant devices, and that the highest level of confidential data is only accessed from Norwich-0owned systems.

Once we open the registration, you will receive a notification in the Notification Center area, as well as in the notification area of the Norwich Self Service application, to register your device with Microsoft Entra.

Please note: This MUST be done using this method, any attempt at registering your device using another method will not work.

 To register your macOS device, ensuring access to Norwich resources, follow the instructions below:

1. Navigating to the registration page:
   1. Clicking the Notification Center flyout notification will open the Norwich Self Service application and will bring you to the registration page
      
   2. Clicking the notification in the Norwich Self Service app will show you a link that will also take you to the registration page.
      
2. Once you see this page, you can read the description, and then click ‘Register’ when you are ready.
   
3. The Company Portal application will open, click the ‘Sign In’ button.
   
4. You should see a window pop up over the Company Portal app that says it foundf your account
   
5. Select your account and you should be signed in automatically, if not, complete the sign in process, and then you should see some processing messaging, and eventually you should see this screen
   
6. You have now completed the process of registering your Norwich-owned Mac computer with Microsoft Entra.

To register your iPad:

1. Open the app called Jamf Self Service and initiate the registration process by tapping 'Register' on the 'Register with Microsoft' entry.
   Note: When registering, users must use Safari.
   
2. When prompted, tap 'Open' to launch the Microsoft Authenticator app.

3. Enter you Norwich credentials in the Microsoft Authenticator app.

4. When prompted, the tap 'Register'.

5. Jamf Self Service reopens and displays a registration success message, you are finished.