MDM · Security
Device Trust
The policy that sensitive systems can only be accessed from recognized, managed devices — not just a correct password.
Device trust is the policy that sensitive systems — HR data, financial systems — can only be accessed from devices the organization knows about and trusts. Rather than relying on a correct password alone, the system also checks that the request is coming from a recognized, compliant device.
For company-owned laptops this is straightforward. The harder and more interesting case is personal devices: you want to let people check email on their own phones without taking over those phones. The answer is a lightweight enrollment that places a revocable certificate — a cryptographic watermark — on the personal device, confirming it's trusted and allowing access to be cut off instantly if the device is lost or the person leaves.
Device trust has good support on both iOS and Android for personally owned devices. On Apple it depends on signing in with a managed Apple ID, which ties the personal device to your organization — yet another reason to manage Apple identities properly from the beginning.
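As an added illustration of the policy described above (not code from the original page), a small stdlib-only Python model of the access decision: the device certificate is represented as signed claims, with an HMAC issuer signature standing in for X.509 client-certificate verification against the organization's CA, and the issuer key, device inventory and sample devices are constructed values.

```python
import hashlib
import hmac
import json

# Stand-in for the organization's CA signing key (constructed sample value).
ISSUER_KEY = b"constructed-issuer-key"

def _sign(claims: dict) -> str:
    payload = json.dumps(claims, sort_keys=True).encode()
    return hmac.new(ISSUER_KEY, payload, hashlib.sha256).hexdigest()

def issue_device_cert(device_id: str, serial: int, not_after: int) -> dict:
    """Enrollment step: mint the revocable certificate placed on the device."""
    claims = {"device_id": device_id, "serial": serial, "not_after": not_after}
    return {**claims, "sig": _sign(claims)}

def cert_is_valid(cert: dict, now: int) -> bool:
    """Issuer signature intact (claims untampered) and not yet expired."""
    claims = {k: v for k, v in cert.items() if k != "sig"}
    sig_ok = hmac.compare_digest(_sign(claims), str(cert.get("sig", "")))
    return sig_ok and now < claims.get("not_after", 0)

def check_access(password_ok: bool, cert, inventory: dict, revoked: set, now: int):
    """Device-trust decision: password AND recognized, compliant, unrevoked device."""
    if not password_ok:
        return False, "bad credentials"
    if cert is None:
        return False, "no device certificate presented"
    if not cert_is_valid(cert, now):
        return False, "device certificate invalid or expired"
    if cert["serial"] in revoked:
        return False, "device certificate revoked"
    device = inventory.get(cert["device_id"])
    if device is None:
        return False, "device not enrolled"
    if not device["compliant"]:
        return False, "device not compliant"
    return True, "allow"

def revoke(cert: dict, revoked: set) -> None:
    """Lost device or departed employee: adding the serial cuts access at once."""
    revoked.add(cert["serial"])

# Constructed inventory: a corporate laptop and a personal phone that was enrolled.
INVENTORY = {
    "laptop-01": {"owner": "corporate", "compliant": True},
    "phone-07": {"owner": "personal", "compliant": True},
}
```

Each denial names the check that failed, which is what an audit log of device-trust decisions should record; in production the signature check is the TLS client-certificate validation performed by the identity provider or access proxy.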