A comprehensive approach to device security preserves employee privacy while providing complete visibility into your total attack surface.

March 26, 2024

4 Min Read
A screen showing technology icons such as keys, 0 and 1, and wireless signal, in hexagons.
SOURCE: ALEKSEY FUNTAP VIA ALAMY STOCK PHOTO

By Greg Armanini, Vice President, Product Management, JumpCloud

Small and midsized enterprises (SMEs) are increasingly accommodating flexibility in their device environments. Building platform choices into your workspaces is a great way to empower employees, letting them work on the device with which they're most comfortable and productive, from macOS to Linux to Windows and a multiplicity of personal devices.

However, a diverse device environment introduces challenges and risks that must be managed effectively. It must support all devices where work is being done, from onboarding to authentication to troubleshooting. A comprehensive approach to device security also means covering personal devices intelligently — in a way that preserves employee privacy while helping your enterprise get complete visibility into your total attack surface.

Unpacking the Risk

Diverse device environments can make enforcing specific technical or policy controls challenging, especially on employees' personal devices. With unclear security expectations and a desire to simply get their work done, employees often bypass IT protocols (which may not be well communicated) to download unauthorized apps or programs. It's a problem that won't go away: In 2022, 41% of employees said they acquired, modified, or created technology outside of IT's control, and by 2027, Gartner projects, 75% of employees will do so.

For SME IT teams managing heterogeneous devices, it's especially critical to create a security policy that secures all devices regardless of who owns them and establish visibility that prevents vulnerability creep. Using a variety of systems and devices also means an IT team is easily spread too thin, addressing too many risks and taking on too many responsibilities.

Amid a growing number of scenarios impacting this combination of devices, the need for strong IT control has never been greater. Here are a few considerations to get started.

Enhance Your Visibility

Establishing a comprehensive view of all devices connected to the network is critical. A device management system should track each device and attach it to personally identifiable employee data. It should also incorporate conditional access policies, offer authentication services, and be capable of remote data wiping or device locking in cases of theft or loss.

Be Proactive About Risk Management

Cultivate a culture of security awareness. That means developing a device policy for employees that is regularly updated and includes best practices to follow. Even so, IT teams should deploy stringent IT controls to ensure security protocols are consistently upheld and managed.

A device policy should be clear about:

  • The type of devices and operating systems that are allowed and not allowed.

  • The process for getting IT approval for personal devices.

  • What employees are allowed to do or not do on company devices (including what software is or isn't allowed, Internet access, and password best practices).

  • Why the company is enforcing the device policy.

  • The consequences for violating device policies.

It's a common cause. Educating employees about their role in responsible device use while putting IT controls in place to avoid unnecessarily burdening them with too much security responsibility keeps a company and its resources safe.

Assess Applications

IT teams should evaluate and assess apps used by employees on their personal devices to align with organizational security protocols. This includes creating tailored security standards for app assessment, safeguarding application data, establishing acceptable levels of risk, and defining specific deployment scenarios. Admins can and should set criteria for securing app data, determining permissible risk thresholds, and identifying suitable contexts for app use.

Consider Mobile Device Management (MDM)

Adopting an MDM approach can centralize device management across device types, enabling data encryption and adaptive authentication and establishing trusted apps and devices. It can also set parameters around network use for data in transit when employees access corporate resources from public or unsecured networks.

Keeping Your Sights on Potential Risks

As SMEs continue to move toward a more integrated and digitally diverse environment, they must not lose sight of the potential risks. A proactive approach to device management balances productivity and security and gives SMEs the flexibility necessary to meet today's challenges and prepare for tomorrow's threats.

About The Author

Greg Armanini

Greg Armanini is the Vice President of Product Management at JumpCloud. Prior to JumpCloud, Armanini held various product leadership positions at VMWare, Yahoo!, and AOL. An energetic and results driven leader, Armanini has over 15 years of experience and demonstrated success building product strategy, leading go-to-market, and executing on highly visible programs. He has an extensive history leading global teams and a passion for building world-class experiences.

Read more about:

Sponsor Resource Center
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights