S 4.236 Central administration of laptops

Initiation responsibility: Head of IT, IT Security Officer

Implementation responsibility: Administrator

Administrating portable terminal devices is not an easy task, especially in large-scale organisations and with users who travel frequently and all over the world. There are tools which make central administration and the implementation of security policies easier. Central administration not only ensures that software and information are distributed, but also that the organisation's own security policies are enforced, e.g. for authentication, data access, or data backup.

When using software for central laptop management, the laptops are typically no longer synchronised with a local terminal device, but with a server. Therefore, data cannot only be synchronised from one station, but from all stations connected to the server.

However, security policies may also be enforced technically during synchronisation using a server by resetting security-relevant settings to their specified values. Typical functions of such central laptop management tools include, amongst others:

• Data backups can be performed in a centralised manner without the users having to deal with them. Likewise, specifications as to when and/or how often the data must be backed up or synchronised and as to which general conditions must be met in so doing can be made.
• It is possible to receive feedback regarding the status of the laptops and to perform remote diagnoses.
• User profiles can be created in order to make user administration easier.
• Password rules and other security rules that can be adapted to the organisation can be specified.

A central laptop management tool should support all laptop operating systems used within the organisation, if possible, so that several tools need not be used at the same time. The same naturally also applies to the groupware and email platform used.

Review questions:

• Is there a suitable approach for central laptop administration?