Mobile Device Management - Ensure That Mobile Devices Lock After a Period Of Inactivity To Prevent Unauthorized Access

 










Summary

Users should configure their mobile devices to lock on inactivity.  

Reason

Unlocked devices  are generally vulnerable to being accessed physically by attackers who can then steal them and access data and account information. 

What If?

This setting has low impact on users.

How to?

To set mobile device management policies, use the Microsoft 365 Admin Center:
  1. Under Admin Centers pick Endpoint Management.
  2. Select Devices and then under Policy select Configuration profiles
  3. Select Create Profile
  4. Set a Name for the policy, choose the appropriate Platform and select Device restrictions.
  5. In the Password section, make sure that Maximum minutes of inactivity until screen lock is set to 5 and Maximum minutes after screen lock before password is required is set to immediately.   

Monitor:

To verify mobile device management profiles, use the Microsoft 365 Admin Center:
  1. Under Admin Centers pick Endpoint Management.
  2. Select Devices and then under Policy select Configuration profiles
  3. Review the list of profiles. Ensure that a profile exists for each Platform.
  4. Verify Maximum minutes of inactivity until screen lock is set to and Maximum minutes after screen lock before password is required is set to immediately.   










































































Comments

Popular posts from this blog

Deployment (Part 3)

Deployment (Part 1)

Project Resourcing (Part 2)