Plans & Projects

Why churches need device management

Standardized configuration of devices… it’s not the most exciting church technology topic, but it’s a church management fundamental topic and holds massive implications for churches. Not only does implementing configuration standardization reduce technical support issues and real fully burdened staffing costs, but it is also a key element to protecting a church from cyber criminals. When done right, pastors and other church staff should be more efficient and better equipped for core ministry objectives like discipleship.

For example:

  • Do all the devices have a password policy?
  • Do they all automatically install or provide the option for one-click installation of the software pastors need?
  • Is the antivirus software on all the systems configured to block attack behaviors?
  • Are mobile devices isolating church member information and requiring a PIN or biometric check to access it?
  • Are there administrator accounts in use on devices that could be used to pivot into bigger attacks against your church?
  • Is the church’s data being encrypted on devices so it’s not at risk of theft?

The solution is to use Mobile Device Management via Intune

This is where churches can and should use their donations of Microsoft Intune to manage desktops, laptops, tablets, and mobile devices. Intune is a Mobile Device Management (MDM) system that ensures apps, patches, and settings are deployed correctly and are up to date.

So how can you get started with Intune?

You will probably want to start with workplace joining computers in your church. There are three main ways to do this on Windows (Pro or Enterprise):

  1. The first is to select a work/business setup during Windows setup.
  2. The second is to use Autopilot to have a computer already assigned to Intune management before any user has laid eyes on it.
  3. The final method is to use the “Access work or school” option in the Windows 10 or 11 settings. Be sure to select joining Azure Active Directory and give it your Microsoft 365 email address/login.

For macOS, the most direct way is to use the Microsoft Company Portal from the app store which will initiate joining the macOS device to Intune for management. Most average and even large sized churches generally need to treat macOS devices as “Bring Your Own Device” (BYOD) instead of as a joined device. If your church is 100% macOS and iOS devices with no Windows or Android devices, you may want to use Apple Business Essentials for an MDM solution.

Once you have joined devices, you can apply policies to those devices that help your team work even easier, especially on ministry objectives, while while avoiding many issues and cyber threats along the way.

Isaac Johnson

Isaac has been in professional ministry since 2002, holds an M.Div. from Moody, and his goal is to equip churches to reach digital natives.

Other articles you might like…