Device Management: all the secrets to work safely

Dec 1, 2020 | Blogs and whitepapers

The Device Management discipline, which until a few years ago was focused mostly on Desktop Management, today also includes Mobile Device Management (MDM). However, mobile technologies and wireless networks proliferation should not obscure that it is necessary to harmonize the set of devices made available by the company for employees, paying attention to protection issues and safety, which must concern all devices used by the worker. In fact, mobile dimension has enormously expanded the potential attack surface, exposing companies to greater vulnerability that requires a holistic method to be countered. If in the past firewalls, antivirus and antispam concentrated on guarding the area within a less wide perimeter, from the infrastructure to the assigned PCs, today this area extends to notebooks, tablets, smartphones, wearables on which company data transit. This is why Device Management cannot overlook a key factor such as security.

Security and Device Management, starting from governance

The first secret to work safely is to establish a governance for risk identification and risk management that affects corporate assets, and which also invests the strategy underlying Device Management. Especially in view of a now widespread practice such as BYOD (Bring Your Own Device), which involves mixed use of device for work and personal purposes, it is essential that the company doesn’t entrust endpoint security to individual users. For this reason, the IT security policies definition must embrace infrastructure, data centers, networks, applications and hardware equipment, regardless of whether users use the latter inside or outside the company offices. To this end, a simplification in global governance could be obtained by making use of Managed Services Providers (MSP), which offer a service across the entire supply chain of information needs, including Device Management with the supply of efficient and cyber attack-proof devices.

Device Management in the context of corporate security policy

Usually, those who operate today as MSPs don’t just manage the activity of Device Management, selling or renting a more or less wide range of devices, from computers to headsets. Rather, it is a partner capable of fully responding to the technological needs of the company. Upstream, its approach tends to address the issues inherent in a profoundly changed work organization, which also any Device Management policy must take into account. Therefore, it proposes solutions, such as the implementation of Digital Workplace as a Service, in which security is one of the qualifying aspects of its offer, including that of the various devices needed by company staff. An integral part of these solutions, for example, automatic updates and patches sent to users, continuous remote assistance, blocking procedures in case of theft or loss, data encryption and so on. Then, Device Management falls into the framework of Risk Management and the overall security policy. 

Not all devices are the same, even in terms of security

Finally, there is a further secret that must be emphasized to better clarify the correlation between Device Management and security. Actually, more than a secret, we could speak of an often overlooked evidence. Not all notebooks or smartphones are the same. And this is true not only in terms of performance, as well as related costs, but also in terms of resilience to threats from hackers. The Apple world, while not immune to these threats, is statistically less prone to breaches than the Android and Windows environments. Just consider that Android users can download and install unofficial and dubious software on smartphones and tablets, unlike what happens with the iOS system which prevents them from tapping into apps that don’t come from the App Store. This doesn’t mean that you must necessarily opt for iPhone, iPad and iMac, but simply that it is good to keep this in mind when you agree with your MSP the SLA (Service Level agreement) referring to Device Management. Although the number of tickets that can be used normally provides unlimited assistance for the duration of the contract, it is advisable to know in advance the risks to which one is exposed by adopting one or the other type of device.