Congratulations on establishing a program where employees are offered a choice of company-owned devices. Many other financial services organizations are doing the same, as a means to increase agility for workers, but at the same time address data protection and regulatory compliance issues. As your company grows, we believe it will help you streamline collaboration, harden security and free up IT’s time to support business initiatives.
From your users' perspective, one drawback of your program is that it doesn’t offer the unlimited variety of a bring your own device (BYOD) policy. To offset this, Lenovo suggests populating your device portfolio with a range of device types. You can also customize each user’s options according to their job role. For example, financial analysts may need more powerful processing for advanced analytics and data visualization, while office workers may only need thin clients running virtualized desktops. Moving forward, you’ll want your portfolio to include:
- Business-grade build quality, support services, security features and connectivity options. For example, access prioritized tech support and on-site servicing. Or achieve the highest security standards with hardware-based fingerprint readers which are much harder to hack.
- Hardware-enhanced identity protection such as Intel® Authenticate solution to protect devices and financial data
- A range of device types based on an audit of job roles in your organization. Today there are many choices, each with their own advantages for different worker roles. Gain user buy-in ahead of time to ease the transition to your new program.
- Intel® Active Management Technology, which enables IT managers to discover, repair and help protect networked computing assets. They can also remotely erase all the data on a device which has been lost or stolen.
- Windows 10 Pro security features that help to protect data in the event of a human error or if a device is lost or stolen. For example, Windows Information Protection helps prevent unauthorized or accidental sharing of company information and allows you to remotely delete business data from a lost or stolen device. BitLocker data encryption, supported by many ThinkPad devices, will encrypt all data on a device, ensuring it cannot be accessed by unauthorized users.
Additionally, you can simplify PC deployment with a solution like Advanced Deployment Services. This is a customizable self-install wizard that enables final configuration steps to be performed by your end users instead of a technician. Whether joining a domain, installing software, setting up printers or migrating data, you can empower your end users to self-serve and reduce the burden on IT admins.
How Can You Improve Your Program?
New technology, users and financial industry challenges force you to continually evolve. Here are a few tips from Lenovo:
- Include only business-class PCs in your portfolio (avoid low-security, hard-to-manage consumer PCs)
- Audit job roles in your organization to get user input on preferred device types
- Review the portfolio annually to determine your refresh needs. Make sure it includes device options for every user; don’t open the door to shadow IT and increased risk
- Include managed business applications and containerization services during device provisioning to ensure better security and manageability