The security department has a lot of work to do to keep track of all the devices used in the flexible office. These include desktops, laptops, phones from various manufacturers and tablets. Unfortunately, it is also common for too many other devices to be allowed, such as personal tablets, home gaming computers or computers in hotel lobbies - with no regard for IT security.
Some companies have their own IT security departments that have all their devices under control, but too many don't have a handle on all the devices their employees use. This may be due to a naive "it won't happen to us" mentality or simply an overloaded IT department that doesn't have the time.
Rikard Burman is a security expert at AddPro and has seen first-hand what can happen when devices are not effectively protected. Don't forget that secure hardware is required to work safely in the cloud - and no hardware is secure out of the box. To gain control of and secure all the devices used in your business, Rikard recommends looking at the following features:
What does the login look like? Does everyone use a PIN code on their mobile? A computer with or without a password? How qualified is the password? If a user chooses to change the settings, they will lose access until the settings are restored. The device is only considered secure if all settings are correctly configured. How secure is a computer or phone without a password and with an older operating system that is not updated? Not very. Security is affected by the devices that connect to your services. By requiring the devices that will use your company's services, IT security and user safety are much improved.
We change phones and computers all the time, but how often do we clean old devices off the trusted list? The list of devices that have access to your company's resources can be long and tedious to manage. In a modern security service, IT managers can set up rules so that devices that are not in use are locked or erase company data after a certain period of time and then deleted from inventories. Do all users remember to delete lost phones and old laptops from the list or are they busy getting the new devices to work?
Speaking of lost devices - it happens. Bad luck can come in the form of a left-behind bag or theft. Are you able to trace a lost phone or computer? There are a number of tools available to track connected devices (while preserving the user's privacy). Which tool you use is not important. What matters is that there are procedures in place to deal with what happens when a device goes astray. Should a lost device be locked or erased if it is not found? Is the information on the device secure?
The important thing is that there are procedures in place for what to do when an entity goes astray. Should a lost device be locked or erased if it is not found? Is the information on the device secure?
When a device meets the requirements set for it by the company, we come to the handling. In a modern world, we are no longer tied to the office and can only get our updates and settings when we are in the office. Instead of emailing out instructions and hoping all the settings get done correctly, IT can send them out to all devices. This could be a change in device encryption procedure, a change in password/pincode policy or new WiFi in the office.
In companies that allow employees to use private devices, popularly known as Bring Your Own Device (BYOD), it is not reasonable for the company to manage the entire device. When it comes to BYOD, phones and tablets are the most common. For example, many people want to be able to check their work emails on their personal phone. A modern security service can manage devices at the app level, such as requiring a PIN on the email for it to work and the ability to erase only company data if the phone goes astray.
Microsoft Intune is the key to IT security
Protecting employees' digital tools is an important task for the IT and security department. Thanks to Microsoft Intune, there are ways to do just that - to easily secure the devices, without making them unwieldy to work on.
- Most people in IT have heard of Intune but may not have used it. Intune now becomes more attractive when included in Microsoft 365 packages. The possibilities to get control of the devices so you can work securely and access the applications provided by the company are now much better, concludes Rikard.
Do you keep track of all your company's devices? SecureIT is a workshop where you get to test Microsoft Intune's features and see what possibilities are available. Book a workshop today.