June Technology 2020
Configuring Your iPad
Students at Bellarmine are connected to our systems once their iPads are configured for school use. Unconfigured iPads are not allowed on our network. If you have purchased your iPad through Bellarmine, our partners at Apple Education have already setup the device for automatic configuration.
If you purchased your iPad elsewhere, then you will need to bring your device to campus to be configured by the Digital Services staff. Please wipe the iPad first. Leave your name, phone number and email address with the iPad you drop-off to the Academic Commons in Orell Hall. The process usually takes 24-48 hours.
Before you begin your setup process, you will need an AppleID. If you are setting up a new iPad, then the setup wizard on the tablet will ask you to supply or create an AppleID. If you are using an old iPad, it probably has an AppleID already configured. The AppleID is used for many things, including backup & recovery and book purchases.
- Open Settings.
- Press Passwords & Accounts.
- Press Add Account.
- Press Google.
- Enter your full name, Bellarmine email address and password.
- Change the description to Bellarmine, then press Next.
- Press Save.
Bellarmine uses Jamf, a mobile device management tool, to track and configure iPads used at Bellarmine by teachers and students. The following disclosure explains the capabilities of Jamf. Bellarmine limits its use of Jamf to the successful execution of our 1-to-1 mobile program.
JAMF for Schools
Capabilities and Usage Disclosure
Network Access Policy:
Access to the Bellarmine school network is restricted to employees and students. We seek to maintain a productive, secure, and properly supervised environment. Access to Bellarmine's network is granted by the Digital Services Department. Visitors are segregated into an isolated BYOD network. Installation of the JAMF school manager is a prerequisite to all mobile Wi-Fi connections. Devices are identified by serial numbers and/or MAC addresses. These hardware identifiers are associated with the names and email addresses of authorized users.
JAMF for schools collects information about the device on which it is installed, including an estimated location, network connection status, installed software and hardware utilization. Direct access to this device information is restricted to Bellarmine Digital Services staff. JAMF also gives Bellarmine ICT staff the ability to manage a device remotely. Bellarmine uses JAMF to assist users with support issues, to distribute software, monitor compliance with the acceptable use of our systems, report on system utilization for capacity planning and protect our systems from security threats or abuse. Parents may request reports of their sons' or daughters' technology usage by sending an email to firstname.lastname@example.org. School administrators may also request and be given information regarding a student's technology use. Bellarmine may be compelled by the courts to disclose network information as part of a legal proceeding. Otherwise, if a device is appropriately and legitimately connected to Bellarmine's network, Bellarmine will not disclose information collected using JAMF to employees or third parties. Bellarmine will not relinquish remote control of managed devices to employees or third parties.
JAMF School MDM Capabilities
- Apple iPad, iPod Touch, iPhone, Apple TV (iOS 5 or higher)
- Mac OS X (10.5, 10.6, 10.7, 10.8, 10.9, 10.10)
- Managed via the web using JAMF’s secure browser based dashboard
- Centralized administration of managed devices
- Role-based administration
- Inventory data export to CSV
- Remote command line
- Administrative event log and activity log
- Automatic alerts for installed software, enrollment, and dynamic security reporting
- Copy profiles across different networks
- Enterprise wipe and dissolving management profiles (Enterprise only)
Software and App Management
- Inventory of installed software and apps.
- Custom deployment of software and App Store apps.
- Integration with Apple App Store and Apple’s Volume Purchase Program.
- Software installation via .pkg (Mac).
- Software uninstallation (Mac).
- Custom uninstallation of iOS apps.
- Restrict app installation.
- Restrict in-app purchase.
- Unauthorized software and app installation monitoring and notification.
- Custom deployment of files, documents, apps (iOS and Android).
- Update and deploy the latest version to devices (iOS and Android).
- Managed and distribute app licenses (iOS with VPP).
- Deploy iBook licenses.
- Restrict use of camera (iOS)
- FaceTime, Siri, iTunes Store, multiplayer gaming (iOS)
- Restrict content consumption (YouTube, explicit music & podcasts, content rated movies, TV shows, and apps) (iOS)
- Force encrypted backup (iOS) and encrypted storage (Android)
- Enforce passcode policies and failed entry device wipe policy (iOS)
- Single App mode (iOS)
- Automatic and white listed content filter (iOS)
- Restrict use of AirDrop (iOS)
- Restrict changes to cellular data usage for apps ( iOS)
- Toggle Voice and Data Roaming Settings (iOS)
- Restrict which Airplay devices are listed (iOS)
Troubleshooting and Live Controls
- Remote device lock, unlock, and wipe (iOS)
- Remote reboot and shutdown (MAC)
- Remote desktop and screenshot (Mac)
- Access device process list (Mac)
- Send instant notification to device (Mac)
- Monitor active TCP connections, TCP stats, and routing table (Mac)
- Selective Wipe (iOS and Mac)
- Toggle voice and data roaming (iOS)
- Initiate Airplay remotely (iOS)
- Device location using device WiFi, IP address, and GPS data
- Containerization, separation of Managed and unmanaged data (via Open-in with iOS)
- Unenrollment monitoring and notification
- Antivirus, antispyware, firewall, disk encryption, passcode and password, screenlock, timeout , and jailbreak and root detection
- Restrict access to iCloud (iOS)
- Restrict users to accept untrusted TLS certificates (iOS)
- Force encrypted backup (iOS) and encrypted storage (Android)
- Global HTTP Proxy (iOS)
- Enforce pass-code policies and failed entry device wipe policy (iOS)
- Customer Certificate Signing for certificate provisioning
Network Configuration Deployment
- Deploy WiFi settings including WPA2-PSK & WPA2-Enterprise (iOS and Mac)
- Deploy VPN configuration and authentication settings (iOS and Mac)
- Deploy server side digital certificates (iOS)
- Automatic Wi-Fi EAP-TLS certificate based authentication to wireless (iOS, An-
- droid, and Mac)
- Deploy Airplay destinations and passwords
- App enrollment (iOS)
- On-device enrollment (iOS)
- Integration with Apple Configurator & Apple iPhone Configuration Utility (iOS)
- SMS or email enrollment invitation (iOS)
- Manual installer deployment (Mac)
- Quarantine devices upon enrollment (iOS, Mac)
- Hardware vitals and specs reporting
- Network access, connectivity, signal strength monitoring
- Restriction compliance monitoring
- Device location with device WiFi connection, IP address, and GPS data
- Battery, storage, RAM and CPU usage, outage monitoring
- Network location override
- Group Policy integration into JAMF
- Active Directory and LDAP integration at time of enrollment
- Automatically apply tags and device owners based on Active Directory and LDAP groups
- Automatically distribute and revoke App licenses with VPP
- Exchange Active Sync email account provisioning (iOS)
- Assign owners to devices