Mythbusting managed workstations: Protecting your data, ensuring fitness for purpose, and supporting your autonomy

February 4, 2021

What comes to mind when you think of your managed workstation? We often hear “managed workstations are terrible,” “managed workstations are so locked down, I can’t do my job,” or “my managed workstation is too slow.” Yale’s Endpoint Engineering team has taken these sentiments to heart and has made great strides in improving how we approach managing workstations. To quote our CISO, Paul Rivers, “we need to start thinking about fitness for purpose, rather than the binary concept of managed versus non-managed when thinking of endpoint machines in our environment.” Our goal is to provide endpoint computing platforms that meet Yale’s required Minimum Security Standards (MSS), thus protecting the institution with little to no disruption to functionality. Via a combination of both having the MSS in place and these devices getting security patches via automated process, they are highly stable and very reliable.

Selecting one of our standard machines provides you the best value for your purchase from a hardware perspective. We make decisions about our standards by consulting with representatives throughout the community. Although one can no doubt find computer hardware cheaper out there, it may not be fit for purpose and will not be part of our very robust warranty programs.

We have come a long way relative to the impact of patching, the ability to install software on-demand, and security, yet we still have plenty of work to do. We need to better market features we’ve already implemented to improve functionality, such as the Software Center, which allows published software to be installed, at will, and without administrative rights (not to be confused with the Software Library) - see Knowledge Article KB0023195. Our team continues to work hard to allow even greater flexibility installing software at will without giving away the “keys to the kingdom.” We have dramatically improved the machine deployment process and don’t require that people be on campus for us to assist them in configuring a new, replacement, or repaired computer. The future is even brighter; just around the corner, these machines will automatically configure themselves once connected to the internet, regardless of the device’s location (e.g., home, abroad, on-campus).

Our quickly maturing virtual computing environment, MyApps at Yale, is even more reliable and secure. We have rebuilt MyApps using Windows Virtual Desktop technology in place of Citrix, allowing all faculty and students access to a full Windows 10 computer, virtually, from anywhere. To date, we have logged connectivity from every continent, apart from Antarctica. Most of our team will eagerly volunteer to travel there to complete our global picture if funding is available.

What’s next? Select members of the community may receive a survey requesting feedback on your experience using a managed workstation and renaming the service to Bulldog Workstation to reflect our new approach to the platform.

Want more information? Visit the Managed Workstation Program service offering page, or contact

Service Quality