Please be informed that we are introducing a safer way to access company email and other business applications on mobile devices. Up to this point such use has been unmanaged, meaning we do not know who has installed business email nor on what device. Some devices might be jailbroken, compromised and even belong to ex-employees. Also, if a device were to get stolen, we have no way of remotely wiping it.
[acf_forfatter]
Dear everyone,
Thus, we are introducing a new policy to facilitate better control of company information.
All devices (iPhone, iPad, Android etc), business or private, where you want to install business applications, such as Outlook for mail, need to be enrolled in Mobile Device Management (MDM). If you need business access to email, calendar, teams, OneDrive on your phone you will need to enroll it. You can still use web access on a private device without enrolling, but it will require multi factor authentication (MFA). We will soon after the 14th of December only allow supported and enrolled devices to access these company resources.
Follow the guide for either iOS or Android:
Contact support at Service Portal – Customer Support (advania.no) if you need assistance or get any errors following the guides.
MDM is a comprehensive solution designed to manage and secure mobile devices used within our organization. This includes smartphones, tablets, and other mobile devices that connect to our corporate network. MDM allows us to enforce security policies, monitor that devices meet the compliance settings to enhance security (jailbroken and rooted devices are non-compliant) and ensure that our data remains protected.
Note that the setup will enable all the business applications to exist securely and managed. The security settings, compliance and protection policy outlined below will be enforced. Please ensure that IT cannot view or access any part of the private applications. IT can only assist with the applications installed via the Company Portal. If you leave the company, we will only remove the business applications and nothing else happens to the private parts of your phone.
You can read more about the MDM solution, Microsoft Intune here: What is device management? | Microsoft Learn
The introduction of MDM aligns with our commitment to maintaining a secure and efficient work environment. It is imperative to safeguard our data and systems from potential risks. MDM provides the following key benefits:
Enhanced Security: MDM enables us to enforce consistent strong security policies on all connected devices, reducing the risk of unauthorized access and data breaches. This will in cooperation with Data Loss Prevention (DLP), yet to implement, ensure that our sensitive information remains confidential.
Improved Compliance: With MDM, we can better adhere to regulatory requirements and industry standards. This is particularly crucial for industries with strict compliance standards, and it reinforces our dedication to maintaining a secure and compliant work environment.
Efficient Device Management: MDM simplifies the management of a diverse range of devices within our organization. It allows for remote configuration, monitoring, and troubleshooting, streamlining IT processes and reducing the burden on our technical support team.
Protecting Company Assets: By implementing MDM, we are taking proactive measures to protect our company assets, including intellectual property and confidential information. This is essential in today’s dynamic business landscape.
As of today an enrolled mobile device will get the following applications and settings if you don’t have them already:
Microsoft Outlook. Today this is the safest app and is required for reading email.
Microsoft Authenticator. This app is required for multi-factor authentication and is used by most today.
Microsoft Teams. Will be installed if not already installed.
Company Portal. This app is used for publishing applications used by ScaleAQ. Safely go here to install apps you need such as all the Microsoft applications, Min Unifon & Bedriftsnett, Resco Mobile CRM, Visma Employee.
Compliance Policy. Devices that are jailbroken will be blocked. IOS minimum version 13. Android minimum version 10.
Security Settings. Require a password of at least 6 digits, block simple passwords. 11 incorrect sign-in failures will wipe the device. 5 minutes screen lock before password is required. 1 minute of inactivity until the screen locks.
Protection Policy. Prevent company data from being backed up to personal Google or iCloud accounts. Prevent use of the Share feature to send company data to personal apps. Prevent saving copies of company files. Company documents can be copied to OneDrive or Sharepoint. Prevent copy/paste from company apps to personal apps. If the text is shorter than 150 characters, you are allowed to copy anywhere. Prevent users from taking screenshots of company apps. Enforce encrypting org data with Intune app layer encryption on all devices. Prevent printing company data from the phone. Save the environment. URLs in company apps will open in the managed Edge browser.
As an example, if you receive an email with a web link and click it, Microsoft Edge will open and you can browse the site. If this happened to be a malicious link Microsoft Edge is the safest browser at the moment and as we are subscribing to Microsoft E5 licensing, an event will be created in the logs and our Security vendor can assist in the best possible manner.
Above settings are best practice recommendations and lay the foundation of a secure environment, where we minimize the likelihood of losing company information yet maintain the best productivity.
The current version of this policy will be available in the ScaleQA website under IT:
You can expect a smoother and more secure experience when using your company-issued mobile devices. The IT team will work to ensure a seamless transition, providing necessary support and guidance throughout the process. Please be attentive to any communications from the IT department regarding the MDM implementation.
We appreciate your cooperation and understanding as we take this important step towards fortifying our organisation’s cybersecurity posture. If you have any questions or concerns, feel free to reach out to the IT support team at itsupport@scaleaq.com .
Thank you for your commitment to maintaining a secure and efficient work environment.
Best regards,
[vis_kontaktperson_horisontalt user_identifier=”1640″]
[kontaktperson_single]
Please be informed that we are introducing a safer way to access company email and other business applications on mobile devices. Up to this point such use has been unmanaged, meaning we do not know who has installed business email nor on what device. Some devices might be jailbroken, compromised and even belong to ex-employees. Also, if a device were to get stolen, we have no way of remotely wiping it.
[acf_forfatter]
Dear everyone,
Thus, we are introducing a new policy to facilitate better control of company information.
All devices (iPhone, iPad, Android etc), business or private, where you want to install business applications, such as Outlook for mail, need to be enrolled into Mobile Device Management (MDM). If you need business access to email, calendar, teams, OneDrive on your phone you will need to enroll it. You can still use web access on a private device without enrolling, but it will require multi factor authentication (MFA). We will soon after the 14th of December only allow supported and enrolled devices to access these company resources.
Follow the guide for either iOS or Android:
Contact support at Service Portal – Customer Support (advania.no) if you need assistance or get any errors following the guides.
MDM is a comprehensive solution designed to manage and secure mobile devices used within our organization. This includes smartphones, tablets, and other mobile devices that connect to our corporate network. MDM allows us to enforce security policies, monitor that devices meet the compliance settings to enhance security (jailbroken and rooted devices are non-compliant) and ensure that our data remains protected.
Note that the setup will enable all the business applications to exist securely and managed. The security settings, compliance and protection policy outlined below will be enforced. Please be ensured that IT cannot view or access any part of the private applications. IT can only assist with the applications installed via the Company Portal. If you leave the company, we will only remove the business applications and nothing else happens to the private parts of your phone.
You can read more about the MDM solution, Microsoft Intune here: What is device management? | Microsoft Learn
The introduction of MDM aligns with our commitment to maintaining a secure and efficient work environment. It is imperative to safeguard our data and systems from potential risks. MDM provides the following key benefits:
Enhanced Security: MDM enables us to enforce consistent strong security policies on all connected devices, reducing the risk of unauthorized access and data breaches. This will in cooperation with Data Loss Prevention (DLP), yet to implement, ensure that our sensitive information remains confidential.
Improved Compliance: With MDM, we can better adhere to regulatory requirements and industry standards. This is particularly crucial for industries with strict compliance standards, and it reinforces our dedication to maintaining a secure and compliant work environment.
Efficient Device Management: MDM simplifies the management of a diverse range of devices within our organization. It allows for remote configuration, monitoring, and troubleshooting, streamlining IT processes and reducing the burden on our technical support team.
Protecting Company Assets: By implementing MDM, we are taking proactive measures to protect our company assets, including intellectual property and confidential information. This is essential in today’s dynamic business landscape.
As of today an enrolled mobile device will get the following applications and settings if you don’t have them already:
Microsoft Outlook. Today this is the safest app and is required for reading email.
Microsoft Authenticator. This app is required for multi factor authentication and is used by most today.
Microsoft Teams. Will be installed if not already installed.
Company Portal. This app is used for publishing applications used by ScaleAQ. Safely go here to install apps you need such as all the Microsoft applications, Min Unifon & Bedriftsnett, Resco Mobile CRM, Visma Employee.
Compliance Policy. Devices that are jailbroken will be blocked. IOS minimum version 13. Android minimum version 10.
Security Settings. Require a password of minimum 6 digits, block simple passwords. 11 incorrect sign-in failures will wipe the device. 5 minutes screen lock before password is required. 1 minute inactivity until screen locks.
Protection Policy. Prevent company data from being backed up to personal Google or iCloud accounts. Prevent use of the Share feature to send company data to personal apps. Prevent saving copies of company files. Company documents can be copied to OneDrive or Sharepoint. Prevent copy/paste from company apps to personal apps. If the text is shorter than 150 characters, you are allowed to copy anywhere. Prevent users from taking screenshots of company apps. Enforce encrypting org data with Intune app layer encryption on all devices. Prevent printing company data from the phone. Save the environment. URL:s in company apps will open in the managed Edge browser.
As an example, if you get an email with a web link and click it, Microsoft Edge will open and you can browse the site. If this happened to be a malicious link Microsoft Edge is the safest browser at the moment and as we are subscribing to Microsoft E5 licensing, an event will be created in the logs and our Security vendor can assist in the best possible manner.
Above settings are best practice recommendations and lay the foundation of a secure environment, where we minimize the likelihood of losing company information yet keep the best productivity.
The current version of this policy will be available in the ScaleQA website under IT:
You can expect a smoother and more secure experience when using your company-issued mobile devices. The IT team will work to ensure a seamless transition, providing necessary support and guidance throughout the process. Please be attentive to any communications from the IT department regarding the MDM implementation.
We appreciate your cooperation and understanding as we take this important step toward fortifying our organization’s cybersecurity posture. If you have any questions or concerns, feel free to reach out to the IT support team at itsupport@scaleaq.com.
Thank you for your commitment to maintaining a secure and efficient work environment.
Best regards,
[vis_kontaktperson_horisontalt user_identifier=”1640″]
[kontaktperson_single]
