Securing company data on personal devices

by | Sep 10, 2019 | Security

By 2020, there will be an estimated 105 million people working remotely in the US.  That’s over 70% of the nation’s total workforce, and that number will only continue to grow over time. 

 Technology has gotten to the point where users can maintain productivity while out of the office, and businesses are seeing the cost benefits.  With a solid VPN connection, people can work anywhere, anytime with Internet access. 

 Many organizations issue laptops to their employees that already have the necessary security built-in.  However, not many of those same companies treat mobile devices the same way.  Most companies reimburse individuals who use their person mobile devices, but still allow their sensitive data to reside on them. 

 About 70% of companies have a bring-your-own-device policy.  So, how do you enforce governance with all those rogue devices in use? 

 Mobile Device Management (MDM) is a critical future which Microsoft provides in its Intune product to address this very common scenario.  Here’s how Intune is keeping the mobile workforce secure: 

  • Intune allows users to enroll their personal devices which provides administrators with granular control of company data. 
  • Intune can restrict access to Email or OneDrive business documents if logging in from an unenrolled device. 
  • With compliance policies, admins can set several other conditional access criteria: 
    • Anti-virus up to date 
    • OS version is up to date 
    • Device is protected with a PIN 
    • Device is not jail-broken 
  • An administrator can perform a full device wipe for stolen / lost devices, protecting sensitive data from getting into the wild.
  • Intune can also deploy certificates as well as wireless, VPN, & email profiles once devices get enrolled. 

Mobile devices users can rest easy also knowing that Intune does not monitor the device use or track user locations.  No information is collected regarding personally installed applications. 

 Having company data on employee-owned mobile devices is par for the course now with MDM keeping its arms around things.  Knowing devices are up-to-date, encrypted, password-protected with data behind multi-factor authentication, administrators can rest a little easier. 

 Intune is a core product of the Microsoft Enterprise Mobility Suite (EMS) + Security. 

Conditional Access is available with Azure Active Directory Premium. 

Contact Peters & Associates at for more information and to learn how you can enable your workforce to be productive while staying secure.  We are happy to help!