As the mobile attack landscape continues to expand, bring-your-own-device (BYOD) management is under greater scrutiny than ever—especially if a breach occurs. Unlimited device choice, as BYOD theoretically offers, can expose organizations to more complexity and greater security risks.
For example, do devices have sufficient security features to protect against hacking, or block access to data if they are lost or stolen? Can all employees efficiently connect with other devices such as meeting room displays, printers and medical equipment, if they each have different connectors? How can IT support such a broad range of devices in the event users experience technical issues?
Answering such questions without introducing more complexity is not easy. Therefore selecting and provisioning a set of devices that your employees can choose from is a good middle ground; employees get choice, and organizations can ensure more consistent standards around data security and productivity.
Offer a Choice of IT-Provisioned Devices
All end user devices should be company or institution-owned and managed by IT under a program where you offer employees a choice of devices. In this way, not only do users get choice, but your organization still benefits from the enhanced security features and common productivity standards found in business-grade devices like ThinkPad and ThinkCentre. This may be crucial in reducing risk to Protected Health Information (PHI) and meeting current or future data protection policies.
- Whether your healthcare institution is a commercial enterprise or not, consider business-grade PCs as they undergo the most rigorous testing and have superior trustworthiness over consumer PCs; critical for delivering 24X7 care. Such devices, like ThinkPad and ThinkCentre PCs, also offer a wider selection of support services and security features. For example, access prioritized tech support and on-site servicing - which is crucial if devices are connected to critical medical systems. Achieve the highest healthcare IT security standards with hardware-based fingerprint readers which are much harder to hack.
- Audit job roles and get user input on preferred device types. Today there are many types of device available, each with their own advantages for different worker roles. Gain user buy-in ahead of time to ease the transition to your new program.
- Look for devices with Intel® Active Management Technology, which enables IT managers to discover, repair and help protect networked computing assets. They can also remotely erase all the data on a device which has been lost or stolen.
- Simplify PC deployment with a solution like Advanced Deployment Services. This is a customizable self-install wizard that enables final configuration steps to be performed by your end users instead of a technician. Whether joining a domain, installing software, setting up printers or migrating data, you can empower your end users to self-serve and reduce the burden on IT admins.
- Use Windows 10 Pro security features to help protect data in the event of a human error or if a device is lost or stolen. For example, Windows Information Protection helps prevent unauthorized or accidental sharing of healthcare information and allows you to remotely delete such data from a lost or stolen device. BitLocker data encryption, supported by many ThinkPad and ThinkCentre devices, will encrypt all data on a device, ensuring it cannot be accessed by unauthorized users.