Endpoint Management Part 1

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

4 hours 24 minutes
Video Transcription
Hello and welcome to this Microsoft 365 Fundamentals, Training course. My name is Chris Tomiko, and I am taking you through this course, so we're starting module three now, and we're gonna be talking about endpoint management in this video. Siri's. So let's get started. All right, So in this video
are learning objectives are we're gonna learn what unified, unified, unified
endpoint management is. Let me put my teeth back in. And then we're going to also have a look at the challenges involved with managing and securing devices. A swell as how Microsoft 365 protects data across our devices. Very important feature there because we need to make sure that when we using things,
it's secure. We're not gonna be, you know, leaving ourselves open to attack.
So let's start with the unified uniformed. My God, this is gonna drive me nuts. Unified endpoint management. I'm not sure where I'm getting unified from. All right, So what is it? Well, it's a platform that includes device and app management. That's the idea behind the word unified. Or as I like to call it Unified. Don't call it that
or right.
So the 1st 1 is something we've spoken about before, so it's configuration manager. This is if anyone's ever used a program called Systems Center Configuration Manager s CCM in. Maybe you've done roll before and you've not moved into the cloud.
Then you would have come across configuration Manager. That's what they now call it, instead of the
long titled name of SCC Em
or it's That's the 1st 1 on the 2nd 1 which merges together with It is in tune, which is effectively configuration manager in a Nicer You I in the cloud. That's the idea behind it. Basically, between these two Weaken do a transformation, basically, which enables
the flexibility toe work from pretty much anywhere on any device.
That flexibility doesn't mean, however, that you're not responsible for the security of your organization's data no matter where it lives. It could be on someone's bring your own device, phone maybe, or tablet
or any other situation. The modern workplace demands a new approach to managing and securing data on devices alongside things like seamless interaction,
whether it's personal or business on, and the kind of the productivity tools that we rely on to do our jobs. So these are the things that we need to kind of focus on what we're talking about, this kind of thing.
All right, now let's get started with mobile devices. So with mobile devices, obviously we need to talk about endpoint management in terms off the connection to an unsecured device. Eso unsecured network. I apologize. So here we're talking about things like, for example, public access way WiFi points,
eso, airports, cafes, everything else.
This is usually on. I've seen these before several times. In fact, on a regular basis. This is usually not a secure network. We're talking about a network that's just open. No, no, no encryption, no password encryption at all. Anyone can read and write, read certainly read, maybe even right
data packets onto that network and possibly even listening to other people doing
so. It can really impact everyone in an organization, because if you open up a file in a cafe and you're connected to their unsecured network, that file could be snooped and and read by someone else very, very easily.
The next challenge is intermittent connection to the organizational network, so it's
difficult to manage using tools like group policy, mainly because we can't always assume that the device is always actually connected to the network,
so, you know, it could be in a blank spot. It could be on a network that doesn't allow connections out to a certain area of the Internet. Maybe it's firewalled. Could be any number of things, really. All right, So maybe it's a laptop, and you don't have, like, a foot for G or are five g
card built into it, and it can't actually get out until you know it tethers upto a phone or hooks onto a WiFi network.
The third challenge is backing up data eso.
It's pretty easy to back up data. You just make a copy of it. That's the basic level of backing up data. However you may know, have your device regularly connected and using content from a central location with myself. 365 If you're accessing a file on, say, SharePoint and then you close the file,
it was still connected. That file would just get synchronized back to the server.
The server deals with the backup for you effectively, but that's not always the case. If you've maybe made a file on your laptop and your laptop is not connected to a network. How do you deal with that regular connection To get those files backed up and made sure that if you lose the laptop or the file gets corrupted, you can actually restore it. It's a major point.
Eso There is likely to be some data stored only on the device, and it usually does happen
on mobile devices. So you're talking about phones you're talking about laptops,
anything that basically has an intermittent connection. Look at my lovely photo of a laptop here that I'm during U. S. So anything that has look, look at the look at the skill, the skill
anyway, anything that has, ah, layout, inability to go off long. That's what we're looking for here. So phones, laptops, tablets, that kind of thing on. Obviously, we're not just talking about the connection, but if something physically happens to that device, you leave it on the bus. So you forget about it on a train.
You have it stolen out of your hand. Let's say you're on your phone and you're walking down the street.
What? Then you know that. Can the device be wiped? Can it be traveler located and tracked. This is something that's worth knowing. Would you lose data if that happened?
So with that in mind, let's have a look at the next thing, which leads on quite nicely to lost and stolen devices. So
the actual problem
with lost or stolen devices is that the average cost of replacing a stolen device can actually b'more than the cost of the device itself. It's usually higher, because
if it's if it belongs to the organization, yes, they need to purchase a new one. But then they also need to configure the device on, then determine what data was lost or stolen. So not only are you actually working with the hardware to replace it and fix it,
but you actually look looking at the files on the machine.
You're looking at conflict off that machine, getting it ready to go back to the user. You may have to deal with support for the user. Maybe they need to set it back up just how they like it. All of these things can actually add to the overall cost of something, and that's the main
issue with the cost of replacing a stolen device.
It's not just the physical value of the item. That's the problem,
all right, so from there we can move on to things like compromise devices. So in some people's eyes, this could be worse than losing the device. A compromise device that connects to an internal network can infect anything on the network almost with malware and,
you know, ransomware things that steal data key loggers.
Basically, what you want to be doing is you want to assume that any device that can be mobile is a carrier of malware on That's the That's the best kind of mindset toe have with that kind of thing as well. So always assume that when people connect until you can trust them and they've proven who they are and what they're doing,
you don't trust them at all.
That's the kind of bottom line
on. Then we come onto the gray area user owned mobile devices,
so this is where you try and strike a balance between allowing access to data and applications, with the user wanting to maybe use their own personal mobile. No one wants to carry around two phones on. That's kind of the idea behind it is that it's it's known as B y o d.
So bring your own device.
Eso Basically what we're looking at, there is the ability for people to use their own phone, their own laptop, their own tablet, even their own desktop at home. Some cases I do it all the time on and be able to access data that's part of an organization without compromising that data and that organization.
All right
now, the key thing is a system. Admin here is to always ask questions. Is the device owned by the user, or is it owned by the organization? Should you let a user own device access these sensitive applications and data or, you know, only allow access? If the owner agrees that the device is managed by I T. Maybe.
What actions can your organisation take to protect data stored on the device
if the device is lost or if the user leaves the company leaving the company disgruntled employees is probably the number one way that you get leaks in companies, so being able to manage that situation properly with user owned mobile devices is a key thing. So disgruntled staff, probably
one of the one of the most
sensitive but critical things I've ever had to deal with as a system administrator. Certainly. All right, let's stop this video here. We're gonna be moving into Microsoft Endpoint manager in our next video. But I don't want to make this one too long, so we'll stop it around the 10 minute mark. We're coming up on it. Onda. We will see you in the next video. I will see you there.
Up Next
Microsoft 365 Fundamentals [MS-900]

Microsoft 365 Fundamentals is a course designed to help both those looking for more information at a foundational level on the Microsoft 365 platform and service, as well as those looking to take the exam itself.

Instructed By