Skip to navigation Skip to content

Supported Staff Environment (SSE)

Service Description

Information Services provides a User Desktop Support Service on the Supported Staff Environment.

The Supported Staff Environment is a 'common user desktop image' built upon a standardised operating system and a set of core applications with further access to corporate applications, as required. This standardised approach is referred to as the "Supported Staff Environment" - SSE programme.

ISD supports Office 365 on our fully compatible and tested Supported Staff Environment image. Support is also provided to Mac systems registered on the Jamf Casper Suite system. ISD will support these systems via our UniDesk Service Desk System. Systems operating outside these environments are not covered by our Service Level Agreement and will be supported on a best endeavor basis.

To become an SSE user, you will need:

Some benefits of SSE include:

  • Security - access to secure individual and shared file storage which can be accessed from any workstation on any campus
  • Reduced Risk - centrally managed Windows and Anti-Virus updates protect your PC from virus and malware attacks
  • Compatibility - compatibility with planned developments e.g. MS SharePoint, Unified Communications etc
  • Reliability - increased availability, reduction in support calls and compatibility with planned developments
  • Remote deployment - remote support allows central distribution of application software and security patches
  • Environmental - designed to reduce energy consumption
  • Managed - ability to report on hardware and software inventories

There are three SSE Service Levels which can accommodate the various Windows based user profiles. Service Level 1 is the most secure. The level of risk and responsibility on the user increases with the service level.  To reduce risk, users should select the lowest Service Level that meets their requirements.

Note: Service Level 3 (Specialist - Admin Rights) should only be made available to those IT Professionals or Developers who require it to perform their role. The following should be noted prior to considering Service Level 3:

* Granting “Admin” rights to end users makes the workstation more susceptible to issues caused by software vulnerabilities (viruses, malware etc). 
* Between 75% - 85% of malicious exploits of desktop systems could have been prevented simply by removing administrator rights from Windows users.

Service Levels

SERVICE LEVEL 1:  STANDARD (no admin rights) Aimed at the user with normal business application requirements. Centrally managed including security patches, enterprise anti-virus software and secure personal and departmental file storage. Corporate data is not stored on the local hard drive.  Additional applications can be requested either via faculty support staff or Service Desk. CONTROL and PROTECT documents are stored on home or department network shares.

SERVICE LEVEL 2: SPECIALIST (no admin rights) - Aimed at Academic  and Administrative Staff who have a reasonably static application and operating environment and who are not regularly downloading applications or have a requirement to configure their workstations. They do however need additional storage and require access to their local hard drive. Additional applications would be requested either via faculty support staff or ISD Service Desk. CONTROL and PROTECT documents are stored on home or department network shares.

SERVICE LEVEL 3: ENHANCED (Specialist - admin rights) Aimed at IT Professionals who understand the security risks associated with elevated rights. Includes Developers, System Administrators and Academic Staff who need to have access to their local configuration and regularly make changes and install software on their system. The user will have full access to their local hard drive and will have the necessary “rights” to install pplications on their workstation. Requests for Service Level 3 will have to be authorised by Deans and Heads of Department. This authorisation will include a “Compliance” statement that the user must sign to ensure they are aware of security implications associated with this operating environment. It is recommended that CONTROL and PROTECT documents are stored on home or department network shares, or on the desktop only if it is encrypted. OPEN files can be stored on an unencrypted desktop.

MAC Users – We have developed an initial Service Level 3 based on “JAMF Pro Suite” which is a MAC Management System, more information can be found at Apple Computer Support .

This service will be available to Apple desktop and laptop users. Features include:

  • Application Self Service Portal – enables users to install applications from a web interface
  • Ability to encrypt mobile devices
  • Push security patches / updates
  • Device management and reporting tools

SSE System requirements

Windows

  • modern computer (up to 3 years old, best experience from a newer computer)
  • touch enabled (for best Win 10 experience)
  • minimum 4gb ram
  • 20gb available free disk space (ntfs)
  • active directory connected (staff ad)
  • McAfee or equivalent antivirus (with latest definitions installed)
  • bitlocker (recommended)
  • operating system (up to latest patch release) (Windows 10, Windows 8, Windows 7 Service Pack 1)
  • Browser (Internet Explorer 11, Microsoft EDGE, Chrome (50+), Firefox (45+))
  • .Net (.NET 3.5 required. Some features may require .NET 4.0, 4.5, or 4.6 CLR to also be installed).
  • Microsoft Office 2016

Apple

  • An Apple mac computer with an intel processor (up to 3 years old, best experience from a newer computer)
  • Minimum 8Gb ram
  • Minimum 20gb available free disk space (hfs+)
  • System to be compliant with theApple Computer Support statement 
  • active directory connected (staff AD) for user authentication
  • McAfee Endpoint Protection software (with latest definitions installed)
  • filevault (recommended for laptops)
  • operating system (up to latest patch release) (OSX 10:12.6)
  • JAMF Pro (previously Casper) Client installed
  • Browser Latest versions (Safari, Chrome)
  • Microsoft Office 2016
  • Skype for Business

Tablet / Phone

  • modern tablet / phone (up to 2 years old, best experience from a newer device)
  • latest supported version of Windows, IOS, Android
  • acceptance of device management and remote wipe capabilities.
  • recommended the device is not jailbroken.

Business Process

The SSE service is supported via the ISD Service Desk and established user desktop support processes. ICT Customer Services administer deployment and troubleshooting activities for Central Administrative Departments and can assist SSE Service users within Faculties where faculty support is not available.

Supporting Materials

See also National Desktop and Notebook Agreement (NDNA)

How to obtain help

Contact the ISD Service Desk.

Cost

Supported at no cost (when using the standard corporate base image) by the Service Desk. Images which may be required for non-standard hardware may be subject to charging.
For more information, please see Charging for Non-NDNA Agreement Desktops and Laptop Services  (PDF document)

Who can avail of the service?

Users wishing to join the SSE scheme should contact the ISD Service Desk who will arrange a consultation with an ICT Campus Officer.

See also National Desktop and Notebook Agreement (NDNA)

Service Owner

ICT Customer Services