University of Wisconsin–Madison
People forming the shape of a secured lock with tech icons

Smart Access April 2026 progress update

Whitney Jacobson

Work continues to advance Smart Access 2026 priorities. This month’s progress includes:

  • Piloting device compliance notifications on DoIT and CALS–Genetics VPNs
  • Moving forward with Elastic Cloud migration
  • Hosting office hours sessions to gather input on device compliance impacts and log management needs

Device compliance updates

Device compliance notifications were enabled on the DoIT and CALS–Genetics VPNs on March 31, 2026 to evaluate effectiveness and user experience.

Notifications currently flag:

  • Whether Endpoint Detection and Response (EDR) software is active and up-to-date
  • Unsupported operating systems
  • Devices with missing security updates more than 90 days old

Early results

Initial results show a measurable impact:

  • 22% of devices missing updates became compliant after receiving a notification
  • Over the same period, only 3.6% of devices missing updates on WiscVPN (no notifications) became compliant

These early results suggest that targeted notifications, paired with guidance and resources, may improve compliance. Additional analysis is ongoing to better understand contributing factors.

Visibility & monitoring

Internal dashboards have been developed to provide near real-time visibility into:

  • Notification delivery
  • Compliance changes over time
  • Patterns across device types and environments

These dashboards are supporting ongoing evaluation and decision-making.

What’s next

  • Continue pilots on DoIT and CALS–Genetics VPNs
  • Use results to inform decisions on potential WiscVPN-wide notifications
  • Incorporate feedback from office hours to refine approach and support planning

Additional considerations

Smart Access recognizes that some devices may not be able to meet compliance requirements due to technical or operational constraints. To address this, work is ongoing to explore:

  • Virtual Desktop Environments (VDI)
  • Secure Enterprise Browsers (SEB)
  • SASE (Secure Access Service Edge)

These options may provide alternative paths for secure access where direct compliance is not feasible.

Log management updates

Smart Access completed the purchase of Elastic Cloud licensing, along with a six-month extension of the current on-premises environment.

Over the next six months, the team will:

  • Transition log sources from on-premises to Elastic Cloud
  • Engage with current Elastic users across the university to support the transition
  • Identify opportunities to improve scalability, resilience, and long-term sustainability

This work supports improved visibility across systems and lays the groundwork for more consistent and automated responses over time.

Office Hours: What we heard

Two office hours sessions were held in March to gather input on:

  • Device compliance notification impacts
  • Log management needs across the university

Key takeaways: Device compliance notifications

  • Linux users often connect using alternative VPN clients
    • Need to assess whether these paths bypass notifications and plan accordingly
  • Support readiness is critical for broader rollout
    • Help Desk documentation and response protocols will be needed
    • Departments will need time to prepare and communicate with their users
  • Pre-notification data is valuable
    • Providing units with visibility into non-compliant devices ahead of rollout could reduce support volume
  • Clear documentation is essential
    • Documentation on what is being assessed already exists and will support consistent communication with end users

Key takeaways: Log management needs

  • Demand exceeds current Elastic capacity
    • There are significant operational logging needs across the university
  • Alerting is a high-value capability
    • Improved alerting could help identify and resolve issues earlier
  • Pattern recognition is a gap
    • The ability to detect trends and anomalies would improve operational insight into infrastructure and applications.
  • Centralized log storage is important
    • Having logs in a central store would allow systems to correlate data across sources and provide a more complete picture of activity across the university

What’s next

  • Continue device compliance notification pilots and analysis
  • Refine approach based on user experience and support readiness
  • Begin transition to Elastic Cloud and engage stakeholders
  • Use input from office hours to inform log management priorities and service development