Apr 12 2021

4 Tips for Creating Better One-To-One Device Programs

Sometimes the thing laptops need the most protection from are the students carrying them. It's especially true for one-to-one loaner device programs.

In a perfect world, all faculty members and students would have their own laptops, each tightly controlled by IT. But in this world, loaner laptops are sometimes necessary and often subject to damage.

Students break things. They lose things. They visit questionable websites and download questionable content. Moreover, they carry these laptops just about anywhere you can imagine, from classrooms to coffee shops to dormitories. This kind of distribution and portability brings an inherent lack of control. By focusing on the following areas, universities can take back some of that control and mitigate the risk.

1. Encrypt Data on Loaner Devices

The moment a laptop leaves IT, the university should encrypt the data on that device. Using popular tools such as Microsoft’s BitLocker allows universities to ensure data security. Drive encryption prevents the data stored on a laptop from falling into the wrong hands by requiring a secure password even if the hard drive is removed.

RELATED: Protect data privacy in a remote learning landscape.

2. Create an Immutable Backup for Better Security

To provide users with the access they need but maintain base images, universities can implement immutable storage.

Immutable storage allows IT to “seal” a pristine snapshot of a laptop’s hard drive, which cannot be changed without authorization. The user can still change the device as necessary, but only on a temporary “layer.” Once rebooted, the laptop automatically reverts to its original disk image.

DIVE DEEPER: Here's some questions to ask before you start a one-to-one program.

3. Have a Loaner Laptop Asset Management System

If IT doesn’t know what laptops are being used for or who has them, they can easily go missing. Universities should always use a loaner device asset management system. A great asset management system should capture user-identifying information, the reason for checkout, time of checkout and a signature.

Many organizations also assign barcodes to loaner laptops and quickly capture the unique ID for each device upon checkout.

MORE ON EDTECH: Use software asset management to save money in higher education.

4. Simplify With an Always-On VPN 

An always-on VPN forces a device to connect to an organization’s ­network the moment it boots up, no user intervention required. Always-on VPN technology ensures that every loaner laptop is always connected and available to manage through various IT services.

SDI Productions/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.