I'm managing a small company where we have a learning lab with a research component, but we're on a tight budget and can't afford to hire extra help. I'm looking to enhance the security of our desktops, especially since some are being used for research without any sort of protection. Here are my objectives: I need to be able to wipe and lock out devices if they get stolen, access them remotely as needed, perform system updates, keep track of their locations as a priority, and log who is using each device if needed. I've not done any configuration so far and would like some advice on implementing protections, as well as tips and edge cases I should watch out for.
4 Answers
Are you using Windows or Linux for your desktops? Knowing the OS will help in giving better recommendations. You've mentioned that you only have one Mac laptop, so focusing on those two alternatives would be helpful for tailored advice!
It sounds like you need to set up a Mobile Device Management (MDM) or Remote Monitoring and Management (RMM) system. These solutions can help you meet all of your listed goals, including tracking device locations—just remember that location might not be 100% reliable since it'll depend on GPS and Wi-Fi permissions. Plan accordingly!
Definitely consider going with an MDM. For Windows, Intune is pretty popular, while Jamf is the go-to for Macs. These tools can help you manage access and maintain security efficiently!
I'd recommend looking into solutions like LAPS (Local Administrator Password Solution) combined with an RMM platform like Syncro or Ninja. These can provide better control and oversight, which is crucial for your situation!

We're using Windows and Linux for the most part, with just that one Mac.