24/7 device management: ensuring security and productivity with flexibility

Managing devices around the clock and enabling work from any device, anywhere, is crucial for maintaining security. However, it also raises various questions regarding productivity and usability. In this article, we explore key issues related to 24/7 device management from our practical experience.

Providing device choice

Device management encompasses laptops, smartphones, and tablets. The market primarily offers two choices: Apple’s iOS and Google’s Android. For Android, companies often opt for Samsung, which provides an extensive business solution with Samsung Knox. We recommend allowing employees to choose their devices, either from a list of pre-selected options or based on specific requirements. For instance, someone who travels frequently might prefer a smaller laptop, while an office worker might opt for a larger screen. Having the right hardware for their tasks is a crucial factor for productivity.

A major consideration is whether to choose company-owned or personally-owned devices. In the company-owned model, the employee has usage rights while the company remains the owner. In the personally-owned model, known as Bring Your Own Device (BYOD), the employee owns the device and agreements are made regarding its business use. Privacy is a key concern in both scenarios.

Safeguarding employee privacy

Addressing the perception that an employer can monitor everything on a device is crucial. Employees might worry that their visits to the supermarket or doctor during work hours are being tracked or that the company can see all visited websites. Clear communication about usage policies and monitoring practices is necessary. For company-owned devices, while the employer can request location data, the user is notified of such actions. Blocking specific websites is possible, but logs of visited sites are not maintained.

For privately-owned devices, controlling potentially insecure apps like WhatsApp involves using a container: a secure section on the device where only approved applications run, and where additional security measures are in place. Business data remains within this container and can only be shared through business applications. Controlling this container helps prevent security incidents.

Balancing security and usability

Effective device management requires the ability to remotely wipe business data in case of loss or theft. For company-owned devices, a remote reset to factory settings deletes all data. For privately-owned devices, control is limited to the container. If a user manages to share a new sales deck via a private app like WhatsApp or Dropbox, it poses a significant security risk.

In striving for security, there is a tendency to impose strict limitations and enforce updates. On a company-owned device, policies can be finely tuned to restrict third-party app installations or jailbreaking. This can be inconvenient for users with preferences for specific browsers or search engines. Therefore, finding a balance between security and usability is essential. A new factor in this balance is the use of AI, such as ChatGPT.

The opportunities and risks of AI

Since the launch of ChatGPT in November 2022, the use of AI in business has become increasingly common. However, there is a potential risk of data breaches: all information entered into ChatGPT could be used to further train the system. This was a concern for Samsung, which led them to restrict employee use of AI tools.

Microsoft is addressing this with the upcoming Dutch version of Copilot, an AI application integrated into every Microsoft application based on ChatGPT. Data remains within the company’s environment and is not shared with Microsoft. Businesses can also integrate specific company data to create a personalized knowledge base. This platform, Microsoft Copilot Studio, allows for developing custom conversational AI for internal and external use, such as onboarding new employees or reducing helpdesk workload.

Device management in practice: Maandag® case study

So, what does device management look like in practice? Staffing agency Maandag® enlisted Digital Survival Company for managing all 800 internal workstations. The organization opted for a complete overhaul and optimized device management from A to Z, enabling the application of new functionalities like pre-provisioned deployment for rapid app installation and fully passwordless (passwordless) login. Employees are free to choose their device, whether privately or company-owned, with a focus on usability that aligns with Maandag®’s open corporate culture. Currently, we are collaborating with Microsoft to explore how Copilot can best enhance productivity for Maandag®.