Device Lifecycle Management (DLM) involves taking care of devices that employees use in their daily working lives. This includes any mobile devices, laptops and phones that are used to access company data, connect to company servers or communicate with customers and other team members. In most organisatations, IT managers are responsible for this activity. IT managers must ensure that devices are kept up to date, are secure and that there is no loss of productivity caused by underperforming devices.
While Device Lifecycle Management has always been important, it is becoming a necessity because of modern day remote or hybrid working environments. Hybrid workplaces, where employees work on the go, at home and in an office location, are here to stay. Device Lifecycle Management is critical in supporting these remote workplace models with the service levels and efficiency expected.
Technology Needs are Constantly Evolving in the Modern Hybrid Workplace
Correct DLM has become an integral part of the overall enterprise mobility management strategy. Within the modern hybrid workplace, staff carry out work across multiple devices, both company-owned and personal. Updating software on these devices is increasingly geared towards automation as IT managers find it difficult to keep up with the constant software updates and security requirements. Security, compliance and risk are ongoing concerns. Adopting a ‘set it and forget it’ attitude is no longer enough.
How has your company adapted its Device Lifecycle Management? Correct device lifecycle management centres around four key areas:
- Enrolling your devices
- Configuring your devices
- Protecting your devices
- Supporting and retiring your devices
Below we’ve provided a checklist of considerations for each of the key areas.
Enrolling Your Devices
The first step in bringing all employees’ devices under your control is to enrol them into your company’s network. You cannot effectively manage a device if it is not enrolled. From there you can automate enrolment to iOS, Android, Windows, and other relevant systems. When it comes to enrolling devices, have you considered the following?
- Providing specific enrolment methods for iOS, Android, Windows, and macOS
- Providing a self-service company portal for users to enroll BYOD devices
- Delivering custom terms and conditions at enrolment
- Zero-touch provisioning with automated enrolment options for corporate devices
Configuring Your Devices
Configuration is the second part in the device management lifecycle. This includes deploying policies specific to your company’s standards and ensuring that staff have access to your suite of tools and technologies. This is incredibly important as it ensures that workers are secure, compliant, and effective across all devices. Are you carrying out the following tasks and activities related to device configuration?
- Deploying certificates, email, VPN, and Wi-Fi profiles
- Deploying device security policy settings
- Installing mandatory apps
- Deploying device restriction policies
- Deploying device feature settings
Protecting Your Devices
In the modern IT world, protecting devices from unauthorised access is one of the most important tasks that you perform. When it comes to protecting your devices, have you considered the following?
- Restricting access to corporate resources if policies are violated (e.g. Updates not applied, jailbroken device)
- Protecting corporate data by restricting actions such as copy/cut/paste/save outside of managed app ecosystem
- Reporting on device and app compliance
Supporting and Retiring Your Devices
All devices that you manage have a lifecycle. Take, for example, a laptop belonging to one of your staff. To effectively manage it you need to first enroll it in your company system. Then it needs to be configured to your company’s liking. The device itself and the data it uses needs to be protected. Finally, when it is no longer needed, you must retire or wipe all sensitive data on it. When it comes to retiring your devices, you must consider the following:
- Revoking access to corporate resources
- Performing a selective wipe
- Auditing lost and stolen devices
- Retiring device
- Providing Remote Assistance
Unified Endpoint Management (UEM)
If this article is making you question your approach to Device Lifecycle Management, we are here to help. ActionPoint’s Unified Endpoint Management solution allows companies to manage data, licences, applications, users, and security of all devices remotely and from a single platform.
UEM is a unification of a range of different endpoint management solutions. This includes Windows 10 updates and compliance, always-on VPN, Windows Hello for Business, autopilot management, Device Lifecycle Management, Mobile Device Management, and Workplace Wellbeing (e.g. enabled working hours 9-5 Mon-Fri).