Information Technology Services will be rolling out new mobile device security measures as part of a continuous effort to protect you and the university from increasingly sophisticated cyberattacks.
Colleges and universities are especially vulnerable to cyberattacks because schools possess large quantities of sensitive data and research, are inherently open access and have many users who are untrained in security best practices. Marquette sees anywhere from 1,500 to 5,000 phishing attempts alone each day; the number of attempts to breach university systems has noticeably increased since 2020. Although we have not experienced a consequential breach, it is important to remember that a team effort is necessary to protect our personal data and network stability.
IT Services knows you have questions about this new technology and is providing detailed answers. First, it is important to note the difference between mobile device management and mobile application management.
Mobile application management — which employees will be asked to enroll in ONLY IF they access university Microsoft (Office) 365 applications on their personal devices — manages only specific applications (including Outlook, Teams, OneDrive, Word and PowerPoint). It DOES NOT manage the device itself. MAM is only used to secure university data — not personal data — within these applications.
Mobile device management is a more powerful tool that will be employed only for university-owned devices. MDM uses MAM policies and device policies to secure application data and device settings. Marquette will push updates and antivirus protection to keep university-owned devices up to date and secure.
Both MDM and MAM provide the workforce with mobile productivity tools while keeping university’s data secure. Since mobile devices can be used to access critical university data, they can threaten security if compromised, stolen or lost.
Whether using a university-owned or personal device, Marquette DOES NOT have access to any of your personal information stored on the device, including text messages, browsing history, or photos. Where the capability exists, Marquette chose the option that has the least privilege while ensuring data can be protected.
A selection of FAQ is available on the IT Services website. Anyone with additional questions can submit them via this portal.
| Capability | Marquette-owned devices (uses MDM) | Personally-owned devices (uses MAM) |
|---|---|---|
| View model, serial number and operating system | Yes | Yes |
| Identify device name | Yes | Yes |
| View name of installed core Marquette Microsoft (Office) 365 apps | Yes | Yes |
| View browsing history | No | No |
| Provide permissions for the core Marquette Microsoft 365 apps to leverage camera, microphone and location for calls, meetings, etc. (Note: Marquette does not have access to view or listen to you via your camera or microphone.) | No for Apple devices, but yes for Android devices | No for Apple devices, but yes for Android devices |
| Reset lost or stolen device to factory settings | Yes | No |
| Remove Marquette data | Yes | Yes |
| See phone number | Yes | No for Apple devices, but yes for Android devices (last four digits) |
| See all installed app names | Yes (but not content) | No |
| See location of devices marked as lost | Yes | No |
| See device owner name | Yes | No for Apple devices, but yes for Android devices |
| View personal email, calendar, contacts, pictures, passwords, text messages and call history | No | No |
To ensure safe handling of university data, those with Apple and Android mobile devices will be required to use Outlook as their email app to access Marquette emails. Those with Android mobile devices will be required to download the Intune Company Portal, which will house all work applications in a work profile.
