As an outcome of the grievance award, enrolment of personally-funded devices ("PFD" or "BYOD"; e.g., personal cell phones and laptops) of Term Adjunct Faculty Members represented by QUFA in the Endpoint Assessment tier of Endpoint Security will become optional.
The Endpoint Assessment tier of Endpoint Security uses Microsoft Intune to assess the security posture of a device when the community member signs in. On June 2, 2025, Term Adjunct Faculty Members represented by QUFA were required to enrol in the Endpoint Assessment tier of Endpoint Security to access specific Queen’s applications, including Microsoft Outlook, Teams, and OneDrive.
Coming in early 2026, Term Adjunct Faculty Members represented by QUFA will no longer be required to enrol their devices in Endpoint Assessment and will be able to opt to have their device unenrolled from Microsoft Intune.
Term Adjunct Faculty Members who choose to unenroll from the Endpoint Assessment tier of Endpoint Security will be subject to other compensating cybersecurity risk mitigation controls as part of the new Protected Access tier of Endpoint Security. These controls will minimally include:
- Restricting access to specific Queen’s applications through a specific browser (Microsoft Edge).
- A requirement to only use stronger MFA methods (no more SMS or voice verification).
- More frequent session re-authentication requirements (such as re-entering your password and re-asserting your second authentication factor every few hours).
- Enforcing email sending limits.
- Restrictions on specific activities (for example, a requirement to re-authenticate (sign-in/answer MFA challenge) when performing specific actions such as creating email rules, sharing files from OneDrive with people outside Queen’s, deleting more than 50 files at a time or modifying existing share settings/permissions).
The Protected Access tier of Endpoint Security is expected to be available in early 2026. More information will be shared directly with Term Adjunct Faculty Members as the university finalizes the design and prepares to implement the Protected Access controls.
Term Adjunct Faculty Members who do not wish to be subject to the compensating cybersecurity risk mitigation controls of the new Protected Access tier of Endpoint Security may, at their option, maintain enrolment of their devices in Microsoft Intune.