Process Library

Employee Device Setup

A secure baseline for any new work device so endpoints are protected, managed, and recoverable from day one.

IT & Security 6 steps
When to use

When issuing a new laptop or work device.

Trigger
Runs when: A new device is issued

The procedure

6 steps

  1. Enroll the device in the management system before handing it over.
  2. Enable full-disk encryption and a strong screen lock.
  3. Install endpoint protection and confirm it is reporting in.
  4. Configure automatic OS and security updates.
  5. Set up the password manager and enforce MFA on work accounts.
  6. Record the device, its owner, and its serial in the asset inventory.
Outputs
  • A managed, encrypted device
  • Endpoint protection reporting in
  • An asset-inventory entry
Tools
Device management (MDM)Endpoint protectionAsset inventory
Note: Encrypt the disk before the device leaves IT. A lost unencrypted laptop is a data breach; a lost encrypted one is a hardware expense.
Download .md

Use this SOP in OrgTP

Don't just download it. Drop this SOP onto a seat in OrgTP and every AI agent under that seat inherits and runs it at runtime — with the trigger, steps, outputs, and tools already filled in.

Use in OTP → Browse more SOPs
Related searches
device setup sop endpoint security process laptop provisioning mdm checklist it onboarding

Related SOPs

IT & Security
Access Provisioning
6 steps
IT & Security
Access Review
6 steps
IT & Security
Security Incident
6 steps
IT & Security
Backup Test
6 steps
← Back to the Process Library