The Devices section of the Employee Portal lets you register and manage the devices you use for work. Registered devices are tracked for compliance with your organization’s security requirements, including disk encryption, operating system updates, and endpoint protection agent installation.

Why Device Registration Matters

Compliance frameworks require organizations to track and secure all devices that access company data:
FrameworkDevice Management Requirements
ISO 27001A.8.1 (Inventory of assets), A.11.2 (Equipment security)
SOC 2CC6.1 (Logical access), CC6.8 (Prevention of unauthorized software)
HIPAA164.310(b) (Workstation use), 164.310(c) (Workstation security)
PCI-DSS5.1 (Anti-virus on all systems), 9.9 (Protect devices that capture payment data)
Registering your devices helps your organization maintain an accurate asset inventory and verify that all work devices meet security standards.

Viewing Your Devices

Open the Devices tab in the Employee Portal to see all devices registered to you:
FieldDescription
Device nameThe name of your device (e.g., “John’s MacBook Pro”)
TypeLaptop, desktop, phone, or tablet
Operating systemmacOS, Windows, Linux, iOS, or Android
Compliance statusCompliant, non-compliant, or pending review
Last checkedWhen the device’s compliance was last verified

Registering a New Device

1

Click Register Device

From the Devices tab, click Register Device to start the registration form.
2

Enter device details

Provide the required information about your device:
  • Device name — A recognizable name (e.g., “Work Laptop”, “Company iPhone”)
  • Device type — Laptop, desktop, phone, or tablet
  • Operating system — Select the OS and version
  • Serial number — Found in your device’s system settings (optional but recommended)
  • Model — Device manufacturer and model (e.g., “MacBook Pro 14-inch 2023”)
3

Submit registration

Click Register to submit your device. The device appears in your device list immediately.
Register all devices you use to access company email, files, code repositories, or internal applications. This includes personal devices if your organization has a BYOD (Bring Your Own Device) policy.

Device Compliance Status

Each registered device displays a compliance status based on your organization’s security requirements:
The device meets all security requirements. No action needed.Typical requirements for a compliant device:
  • Disk encryption is enabled (FileVault, BitLocker, LUKS)
  • Operating system is up to date (within the allowed patch window)
  • Endpoint protection agent is installed and active
  • Screen lock is configured with a reasonable timeout
  • Firewall is enabled
Non-compliant devices may be flagged during audits and could result in restricted access to company resources. Address compliance issues promptly when they are flagged.

Resolving Non-Compliance

If your device is flagged as non-compliant, take the following actions based on the specific issue:
  • macOS: Go to System Preferences > Security & Privacy > FileVault and turn it on.
  • Windows: Go to Settings > Update & Security > Device Encryption or enable BitLocker in Control Panel.
  • Linux: Full disk encryption is typically configured during OS installation. Contact IT for guidance.
  • macOS: Go to System Preferences > Software Update and install available updates.
  • Windows: Go to Settings > Update & Security > Windows Update and check for updates.
  • Contact IT if updates require approval or if you encounter errors during the update process.
Contact your IT team for instructions on installing the required endpoint protection software (CrowdStrike, SentinelOne, Microsoft Defender, etc.). Do not install security software from unofficial sources.
  • macOS: Go to System Preferences > Security & Privacy > General and set “Require password after sleep or screen saver begins” to “immediately” or “5 seconds”.
  • Windows: Go to Settings > Accounts > Sign-in options and configure a lock timeout.

MDM-Managed Devices

If your organization uses a Mobile Device Management (MDM) solution (Jamf, Intune, Kandji), your device may already be registered and monitored automatically. In this case:
  • The device appears in your portal with compliance data from the MDM system
  • Compliance checks are performed automatically on every MDM sync cycle
  • You do not need to register the device manually
If your device is managed by MDM but does not appear in your Employee Portal, contact your IT team. The MDM integration may need to be configured to sync device-to-user assignments.

Removing a Device

If you are no longer using a device for work (returned, replaced, or decommissioned):
  1. Open the Devices tab and find the device.
  2. Click Remove or Deregister.
  3. Confirm the removal.
The device is removed from your active device list but remains in the audit trail for compliance records.
Always deregister devices when you receive a replacement. Stale device records can complicate compliance reporting and give auditors the impression that decommissioning processes are not followed.

Privacy

Device registration in LowerPlane collects only the information necessary for compliance:
  • Device type, model, and operating system version
  • Compliance status of security settings (encryption, protection agent, updates)
  • Serial number (for asset tracking)
LowerPlane does not access your personal files, browsing history, location, or application usage. The compliance checks verify security settings only.