From zero touch provisioning to BYOD security, fine-tune your device management for hybrid working
Let's take a look at the key ways that a device management solution can support hybrid working and make your life easier and your network more secure:
Simplify device and application deployment
Still imaging devices manually with a trusty USB or DVD? When everyone was in the office this task may have been onerous but once it was in the office you could do the work and put it directly in the hands of your users. This becomes a more cumbersome and time-consuming process when your workers aren’t all in the office.
As you’d expect, there are more modern ways to manage this process, that will save you time at initial set-up and longer-term. With Windows Autopilot you can work with your device supplier to utilise zero touch deployment to ship devices direct to end-users working from home with policies, settings and applications pre-installed or ready to load at first touch. The added feel-good bonus is giving someone the enjoyment of a new device unboxing experience – who doesn’t enjoy that?!
To make life even easier, if your next device is a Surface, it comes Autopilot-ready so your supplier can enrol the device and ship direct to the user, whilst you create the custom profiles and settings in your Azure AD portal and Intune that will load once the device is unboxed and switched on. Or get support from your accredited Microsoft IT provider (shout out to the Probrand in-house engineers!) to manage the whole process for you. In fact, a recent Forrester report showed that organisations using Microsoft 365 Enterprise and Surface devices saved 4 hours on deployment per device.
In the longer-term, once the device is enrolled you can easily add and assign apps to groups and devices, configure settings, track app usage, and much more. And when someone leaves, you can simply reconfigure the device remotely and get it sent directly to whoever needs it next – a much quicker process then having to get it back to the relevant person in IT (wherever they are) to manually re-image and then send out again.
With the urgent shift to home-working and the subsequent unavailability of devices there’s been an increased usage of personal devices, particularly mobiles, being used for work simply so that business can continue. Whatever cyber security measures you are taking, need to now adapt to take into consideration this massively expanded network perimeter, and the new risks it creates, when these devices are rarely (if ever) on the LAN.
Additionally, there’s also been a rise in Shadow IT, where users circumvent IT and take their computing needs into their own hands ‘to get things done’, for example signing up for random cloud services and apps. This creates a security risk to your data that you don’t even know about, potentially until it’s too late.
Using a modern device management solution will help you make sure that only authorised people and devices get access to your organisation’s information, even on a personal device that’s never even seen the inside of the IT office. For example, Intune integrates with Microsoft 365 to push policies you’ve created out to the relevant device group so you can restrict apps that can be downloaded or prevent data transfer via USB. All this is managed through the Microsoft Endpoint Manager admin centre, where you can also manage Azure AD and client apps.
And those who partner Microsoft Surface devices with the functionality of M365 E have experienced an average annual reduction in security breaches of 20%. It’s no surprise when Surface has been designed specifically to work with the rest of the Microsoft ecosystem, created a joined-up experience to help make life easier for IT teams and end users.
View our on-demand webinars for more tips and guidance around tackling a variety of remote & hybrid working challenges.