IT infrastructure and workplaces are changing to support devices with multiple platforms and operating systems. With an increase in remote workers, more corporate and personal devices are being used. JumpCloud can easily work with any device running Windows, macOS, or Linux.
Using personal devices can be cost-beneficial and also give employees flexibility when using a device or OS they know, but this freedom comes with responsibility for the employee and your company to follow appropriate security guidelines, legal best practices, and regulations.
Understanding the Use of Personal Devices
Personal devices are individually-owned devices that employees bring into your corporate work environment. As advantageous as managing personal devices sounds, there are some major security risks and recommendations to follow when you add these devices into your company’s network, applications, and resources.
Create company policies, practices, and requirements - Allowing employees to use their own devices to access your corporate network and resources can open up multiple security risks because the company does not own that device. You should create internal company policies, practices, and requirements around using and leveraging personal devices. Data security, application authentication, and intellectual property are all things that you need to consider.
Enforcing good security practices and measures for both personal and corporate devices ensures that the applications your employees use are centrally managed and they have device security policies in place for you to safely manage these devices.
Create a legal and security policy around company proprietary data and the personal device - There are additional security considerations when you manage personal devices in your company’s infrastructure, processes, and workflows. You should create a legal understanding of intellectual property rights between the employee and the company. If personal devices are used for corporate work, confidential corporate data might be saved on the personal device which can cause issues when the employee leaves the company. Creating a legal and security policy around company proprietary data and the personal device with the employee is critical to protecting your company’s assets.
The result of not having security policies and related practices and requirements in place can lead to a potential data breach. Often, companies do not remove company data from the employee's personal device after the employee leaves the company.
Using personal devices could be cost-beneficial and gives employees flexibility when using a device or OS they’re already familiar with, this freedom comes with responsibility for the employee and company to ensure that the security, legal best practices, and regulations are followed.
Using JumpCloud to Manage Personal Devices
JumpCloud’s software lets you manage any device running on macOS, Windows, or Linux OS. The JumpCloud System Agent allows you to seamlessly manage personal and corporate devices while enforcing security policies and user account management. You can control which users are authorized to access your company networks, applications, and other JumpCloud resources.
The JumpCloud System Agent lets you create and apply a corporate account and security policy on each type of personal device to help you manage that user’s account.
Use these guidelines when managing a user's account:
- When removing a user’s access to a JumpCloud device, the agent automatically logs the JumpCloud user out from the macOS or Windows device. This also disables the local user account on the operating system. Because of data integrity and security practices, JumpCloud does not wipe or remove the user’s account data, but rather disables users from logging in to the account. This allows you to recover any home directory data from the device after an employee leaves your company. You should only disable a user if it is a separate corporate account on the user’s personal device, not the user’s personal account on their personal device.
- You should create an internal corporate security policy to require the removal of any corporate data from the device before the employee has left your company. Study the legal liability along with security concerns regarding company proprietary data on devices of former employees. If you’re using device management or MDM for iOS devices with JumpCloud, you could also ensure that the profile and only the employee’s JumpCloud corporate user account and data is wiped. See MDM Commands.
- Removing an employee’s access to JumpCloud data on a personal device can be performed in less than 60 seconds. When removing a user’s access to resources in JumpCloud, JumpCloud removes the user’s access from connected SAML SSO Applications, RADIUS Wifi & VPN Networks, Google Workspace or Microsoft 365 access, Active Directory access, and LDAP Access. For more information, see Unbind Users from a Resource – Revoke Access.
- Using JumpCloud’s Admin Portal, you can easily manage all of your company’s employees and user accounts in a central page, which increases security and ease-of-use while decreasing how long it takes you to add or remove employees.
- JumpCloud adheres to global security standards as best practice, whether it be PCI DSS, SOC, GDPR, or HIPAA.