Skip to main content

How switching from personal devices to DaaS devices can mitigate security risks

(Image credit: Image source: Shutterstock/jijomathaidesigners)

With remote work policies being rapidly adopted by companies across industries due to the Covid-19 pandemic, businesses have to prioritize using secure technology. Especially considering that work-from-home is set to be part of the new normal, organizations that do not identify and resolve security vulnerabilities risk serious data hacks and compromised processes.

Although device-as-a-service (DaaS) has been around for a number of years, the changing tides of business operations have made it a particularly appealing service. DaaS companies distribute hardware like computers, tablets, and phones among organizations - all of which have preconfigured and customized software. Businesses therefore don't have to buy, configure or manage devices for hundreds of employees. In fact, 65 percent of major PC manufacturers offer DaaS capabilities, including tech giants like Apple and HP.

Already, the DaaS model is showing early signs of becoming more popular, not only because it is more cost-effective, but because it can keep physically-separated teams connected, productive, compliant, and secure.

Here's how switching from personal devices to DaaS devices can mitigate security risks:

The problem with personal devices

As the remote revolution unfolds, companies that allow employees to use personal devices for work are making themselves more vulnerable to cyber attacks. Since the outbreak of the Covid-19 virus, the FBI has reported a 300 percent increase in cybercrimes. As internet activity has surged, criminals have found inventive ways to target and exploit people online, including staff using personal devices to access company databases or programs.

Personal devices do not have the same level of protection as corporate-approved devices and create gaps in an overall protective strategy - no matter how robust it is. One study actually found that 60 percent of employees use personal file-sharing apps and/or personal devices to access and share company information. That means more than half of staff are jeopardizing the wider security of a business. Perhaps the biggest threat posed by personal devices is that corporate data is exposed and can be sold or used as ransom.

Other liabilities associated with personal device use are employees deliberately stealing data or accidentally adding harmful codes to computer networks; or from an employers' perspective, tracking employees' location outside of work hours or accessing workers' personal files.

DaaS as a solution

Because DaaS is an all-inclusive managed solution under a single point of contact, it comes with its own cyber defense toolkit. Put simply, it is pre-loaded with the necessary defenses to bridge the gaps in cybersecurity created by personal device use.

DaaS providers are part of the movement towards 'preventative' cybersecurity, as opposed to the previous 'responsive' mentality. DaaS companies are typically experts in security and are responsible for ensuring that all the distributed devices have up-to-date security software installed, and function as part of a comprehensive security strategy. DaaS models are equally effective because in-depth health monitoring is applied to software across devices, which is then used to control access to online services, and to produce reports confirming that devices don't have malware.

Even further, DaaS has the potential to assure that an entire fleet of devices adhere to businesses' security policies in terms of passwords, account access, and approved apps. Overall, DaaS makes device management more transparent and trackable, meaning high-risk behaviors can be identified and curbed as soon as possible. Not to mention, it provides analytics around the performance of devices, so is better prepared to replace or upgrade hardware that could be dangerous for cybersecurity.

UEM as an extension of DaaS functionality

Unified Endpoint Management (UEM) can add an even greater layer of security to DaaS services by enabling customers to manage the complete lifecycle of devices over-the-air and in real-time. For example, back in 2017, HP DaaS incorporated UEM solutions to combine the strength of the platforms and shape the next generation of device consumption for customers.

Integrated with DaaS devices, UEM can provide 360-degree protection for all content and apps, and utilize mobile threat detection to thwart pending cyber attacks. It can also be personalized according to business needs and block undesirable websites or actions, or alternatively cherry-pick secure websites and remove access to any other URLs. When combined with DaaS, UEM can boost security on a granular level, encrypting passcodes and devices that prevent unauthorized entry. At the same time, UEM admins can create open-in policies that stop content or apps being opened from unmanaged sources - i.e. personal devices.

Extra security advantages that emerge from UEM integration with DaaS systems is the 'remote data wipe' option, which takes place when devices are lost or stolen and halts sensitive information being leaked. UEM is also capable of restricting data being transferred between and from devices via Bluetooth, USB, and tethering.

Eliminating the guesswork from device procurement

There are a number of benefits for companies choosing to adopt DaaS, however, strengthened security is a big draw in order to adjust to the conditions of the new normal. Unsurprisingly, over 50 percent of companies have claimed that cyberattacks and data fraud due to the sustained shift in working patterns are their biggest worry for their business right now. In turn, outdated practices like using personal devices have to be replaced by more secure, savvy solutions that empower companies and employees to work confidently.

DaaS is so effective because it takes the guesswork out of device procurement, which ultimately gives enterprises greater control over their technology. Add UEM into the mix, and businesses haven't simply mitigated security risks, they have precluded them altogether.

Apu Pavithran, founder and CEO, Hexnode