Will endpoint security for laptops ever get easier?
Sort by:
It's reasonably magical. I've used DP as well, and even if somebody steals your laptop, it just goes back to the company and redoes itself. It's pretty slick. We had somebody buy one and bring it back to us, in fact. They were like, "I can't use this thing and I think I got scammed."
The way that laptops touch consumers and businesses sets expectations on the part of the consumer that they carry into their business life. They think, "Of course my kid should be able to install a video game on my work laptop because it's a laptop." There are a lot of things that are vulnerable in a laptop that probably don't need to be anymore, but they still are because of the tension with consumers, businesses, and where we use the products.
If you're a developer or an engineer writing code, then you need your laptop to do certain things. There's a big chunk of the company that doesn't need half of those things, but they still need a full laptop. We're just not totally there yet. I think we know the answer, but we're not doing it. Managing people's expectations of what their laptop can do is part of it.
We're getting closer. At my last two companies, I played with Microsoft Autopilot and a combination of Intune. That worked pretty well for deploying stuff.
Apple display port (DP) works really well. When I was at Juul, because we big brothered every single machine, I reimaged my machine once a month. I would just wipe it, re-DP it, redeploy everything, restart from crash plan, and then I'd be good to go again. We had hundreds of laptops stolen, but they all had DP on them so the thieves couldn't do anything with them.