With the proliferation of Devices and Cloud Services, a major issue for Businesses of all sizes is how to manage the Devices, both Corporate owned and User owned.
This is where the Endpoint Device Lifecycle Management comes in. With this Managed Service, we can offer complete visibility to Customers on the devices that are accessing the Corporate Information. Not only that, but we also take responsibility for the complete life cycle Management.
Our Service is used to manage your organization’s endpoints which include the mobile devices, desktop computers, virtual machines, embedded devices, and servers that your organization uses. Additionally, endpoints also include the apps used by your organization.
Let us understand how:
1. Provision, Secure and Retire Devices
These could be new Corporate Devices or allocation of a device of an ex-employee to another user.
Let us understand how the new devices are provisioned.
A new device first gets delivered to Corporate IT Team
The Team will then start the setup using the image files. Or doing a manual process
Once the apps are installed, the IT Team will then hand over the device to Admin Team who will then ship the device to the user at same or different location.
The User will then unpack the device and then get on a call with Corporate IT Team for final setup. Security setup will be ongoing and extremely time consuming.
Now let us see how the same task will be handled by our Team using the Cloud Platform:
A new device is delivered by Vendor directly to the User location
The User unpacks the device and then connects to Internet
Using the Remote Cloud Services, the Device gets auto enrolled into the Company Portal
All the required apps, which have been previously approved for the User Type, get auto installed.
All the required Security Settings get auto deployed.
User will be prevented from installing any app that is not in approved list.
The Device level settings for Data Loss Prevention can auto applied
The App Configuration and Protection Policies get auto applied
The Device gets allocated to the required Managed Category
The Device starts appearing in the Central Portal
The Conditional Access Policies get auto applied so that only compliant devices get access to the Corporate Data
On regular basis the various apps get updated in a defined fashion.
2. Get Hardware and Software Inventory
Very few Customers have a clear idea of how many devices they own that are used by the Employees. The usual process is to do physical count which can take days and week. What’s more, it is likely to be inaccurate. So not only is the process a big drain in Productivity, it is also inaccurate.
And what about the Personal devices that are being used to access the Corporate data? Absolutely ZERO visibility.
With our Service, we can give you an upto date information on Corporate and BYOD devices that are accessing the Corporate Information. And we can set policies by which we can define the minimum requirements of any devices that need access to Corporate Data.
Not only that, but we can also get visibility into the apps being used in the various devices.
3. Secure Access
Our Service gives you means to access your Information from any device in a very secure fashion. Sample this:
If you have any web-based apps running in your Data Center, these can be accessed using App Proxy Service
If using a Mobile, you wish to access some Infrastructure available on On-Premise, then you can do so securely using Microsoft Tunnel Service. Tunnel can be protected with Conditional Access by evaluating user identity and device risks.
Windows Hello for Business can be used to give Multi Factor Authentication. The Windows Hello service is device specific. So only the device which is permitted to access the Corporate Data, will get the access. So any password breach will not lead to unauthorized access.
Using Conditional access, Companies can ensure that no users, apps, or devices can access Microsoft 365 data unless they meet your company’s compliance requirements (performed multi-factor authentication, enrolled with Intune, using managed app, supported OS version, device pin, low user risk profile, etc.).
4. Information and Threat Protection
Multiple services that we provide for devices will help in Information and Threat Protection:
Web protection provides anti phishing capabilities.
App Security shows any malicious apps on the device and tell you steps to take.
Monitor and trouble shoot App Protection policies on mobiles and Computers to prevent leakage of Corporate Data.
Anti-malware service for Android and iOS devices keeps the mobiles safe.
Data on hard disks and portable drives can be encrypted with Bitlocker and Bitlocker to Go.
Advanced Threat Protection from Ransomware, Malware, Viruses, Worms with daily monitoring and Threat remediation.
5. Monitor Security Posture
Digital Security is becoming a Top Priority for organizations large and small as they continue their journey of accelerated digital transformation. However, one major issue which was faced by organizations was how to understand the level of security they have. We are pleased to introduce you to a new Security Service called Secure Score. This is a measurement of the security posture of the organization.
Following the secure score recommendations can help organizations increase their security. With the help of secure score, organizations can now work on specific areas to improve the Microsoft 365 identity, data, apps, devices, and infrastructure.
Some of the key things we can do are:
Check your current score
Compare your score to organizations like yours
View improvement actions and decide an action plan
Initiate workflows to investigate or implement
6. Advanced Analytics
Using our service, we will on proactive basis monitor and act on the following Analytics:
Technology Experience Score. This gives how the device is configured
Proactively maintain device performance and health
Real Time Advanced Threat Detection
Dynamic User Risk Assessment