This excerpt was pulled from JumpCloud’s “Leveling the Playing Field for SMEs” eBook. The eBook itself dives into topics related to recent workplace changes and modern expectations, as well as how to deal with it all as an IT professional through technology unification, improved onboarding, centralized and secure device management, and the use of multi-factor authentication.
This excerpt is focused on the new challenges IT admins all over face in securing and managing a diverse set of devices (Windows, macOS, and Linux) across a diverse workplace environment (whether fully remote or hybrid).
Device Management: A Complex Challenge
The new prevalence of remote and hybrid-remote workplaces has diversified the types of devices organizations use and changed what it takes to secure them.
Non-Windows devices are no longer confined to developers and picky CEOs; in fact, a recent survey of IT SMEs found that only about 68% of the devices in SMEs were Windows.10 In addition, BYOD policies have made smartphones and tablets more common in the workplace. With many organizations maintaining at least a partially remote structure, companies need to manage an increasing number and diversity of devices connecting from anywhere.
To further complicate things, workplaces are no longer defined by a one-device-per-employee setup. Employees may answer emails on their laptops during work hours and on their personal smartphone after hours; some employees use different devices for different tasks, and some use their personal device as their main work device. This wide variety of use cases, combined with the fact that not all devices are connecting to the network from the physical office, make it difficult to keep track of the devices accessing corporate resources, let alone secure them.
From the perspective of a bad actor, these decentralized environments create a larger attack surface area with more pathways to the corporate infrastructure. And although some SMEs might think they’re too small to be a meaningful target for hackers, the data would beg to differ. More than half of mid-market companies have experienced a breach, and 40% of those breaches have caused more than eight hours of downtime — a whole workday. That is some serious friction for customers, partners, and employees that can result in lost revenue and diminished productivity.
However, security isn’t the only consideration when it comes to managing mobile devices; companies need to respect employees’ personal privacy as well. Using a device for both personal and work activity introduces the possibility of an employee’s personal data being exposed to their employer. This is a significant concern for employees; a company’s failure to respect employee privacy can reduce satisfaction and retention rates.
Balancing security and privacy is critical when managing mobile devices — and organizations can’t afford to compromise one for the other. To power seamless growth, this balance needs to be easy to implement and repeat. That’s where MDM tools come in.
Secure, Scalable Device Management
MDM has become a critical solution to these challenges and a necessity for remote and hybrid SMEs. MDM offers companies the security tools they need to keep all devices accessing corporate data safe while maintaining users’ privacy. Automation makes these capabilities repeatable and seamless, facilitating a scalable, easy-to-manage device environment.
With JumpCloud’s MDM tool, companies can track, configure, and control devices that access their corporate data. It’s platform agnostic, allowing IT admins to manage macOS, Windows, Linux, iOS, and iPad systems, and it combines with the JumpCloud cloud directory platform for unified security and management. Organizations can embrace freedom, flexibility, and choice without any added complexity. And employees can use any device and continue to work remotely — enabling the modern approach to work they have come to expect.
As the lines between personal and business devices become blurred, MDM programs must account for the employee experience to be sustainable and cultivate employee buy-in. The level of control over devices should correspond with device type and who ultimately owns the device. This helps ensure security and scalable device management without creating a cumbersome or uncomfortable experience for employees.
Employee-owned BYOD devices, for example, should allow the employees to retain privacy and autonomy over their personal data on those devices. JumpCloud’s MDM platform enables this privacy and autonomy by allowing voluntary enrollment for users, separating corporate and personal data, blocking the company from viewing or accessing personal data, and offering employees the option to unenroll at any time without losing personal data.
On the other hand, MDM programs for corporate-owned devices can be much more extensive. For corporate-owned devices, JumpCloud allows companies to specify password/passcode complexity requirements, restrict usage, configure the device remotely, lock and wipe the device remotely, and schedule and track updates.
Update and patch management are key components of facilitating scalable security with MDM. JumpCloud’s MDM makes updates manageable and predictable at a large scale so that organizations can remain secure and productive without having to risk downtime during critical business hours.
With JumpCloud’s MDM, IT admins can schedule updates overnight, over the weekend, on shutdown, or on restart. They can also send out update prompts to employees to schedule at their convenience and block updates on devices that aren’t ready to receive them yet. And to keep everything transparent, IT admins can view devices’ update and patch status at a glance, including pulling quick insights like what percentage of devices have implemented the latest patch. In short, it makes updates easy to implement for the user and easy to manage for the admin.
A holistic view of your IT environment enables more informed decisions without impacting productivity. Remote management ensures maximum uptime and security without the need for devices or admins to be physically present — and that’s a big deal in the work-from-anywhere era.
Balancing security and privacy is critical when managing mobile devices — and organizations can’t afford to compromise one for the other.