Avatar of Pau Lo
Pau Lo asked on

unused computer devices - administrator approach.

What is your general approach to end user devices (Windows Laptops) that have not logged into your private network for a significant period of time? For as long as they are offline, they are obviously falling behind on updates/AV signatures etc, and therefore I presume there becomes a period of time whereby action needs to be taken by an administrator.  
I recall when our devices were joined to on-premises AD, the admins would disable the devices after a pre-defined number of days of no login activity, in the same way they would stale accounts. Now the devices are in InTune/Endpoint Manager, I am not so sure if that system naturally manages unused devices (and how), or if there is still an onus on an administrator to take some form of remedial or preventative action – hence querying – what is your approach?

Windows OSLaptops NotebooksNetwork ManagementWindows 10

Avatar of undefined
Last Comment
William Fulks

8/22/2022 - Mon
William Fulks

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Pau Lo

Sounds like a sensible approach. I take it you aren't using InTune? I was wondering if that system may automatically handle such scenarios, e.g. auto-disable no recently 'checked in' devices.
William Fulks

I know you can set device cleanup rules in InTune to do this. Just choose what kind of interval you want to set.
Pau Lo

Do you think there is much risk in not disabling them from a security/vulnerability management perspective. Granted, its poor practice from an asset management perspective (and could even point to lost/stolen equipment), but in your view do your update & patching systems take effect fairly quickly as soon as devices login even after a window of inactivity?
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
William Fulks

The risks include missing patches and program updates, AV definitions updates, policy updates, etc. Also, if someone stole the device and were still able to get into the system using an old cached password, they could possibly use it to gain network access.