Device enrollment - FAQ

Volue, as any company taking its security seriously, is aiming to limit access only to devices that are managed by the company. This ensures that such devices meet Volue security policies, like antivirus being up-to-date or computer running specific Operating System version. The change was originally communicated via Viva Engage post (https://engage.cloud.microsoft/main/org/volue.com/threads/eyJfdHlwZSI6IlRocmVhZCIsImlkIjoiMjk0MTg3ODUwMTE1NDgxNyJ9). Below you can find most commonly asked questions and answers.

Question: Why this change is introduced?
Answer: As a security best practice, it allows to protect company's data from various type of attacks, like Man in the Middle (MitM). Even in case user's credentials and MFA is hijacked (e.g. via logging on malicious web site), attackers still won't be able to access resources as their machines won't be compliant.
Question: How can I enroll my mobile device?
Answer: Instructions on how to enroll your mobile devices can be found below:

iOS/iPadOS: https://helpdesk.volue.com/support/solutions/articles/54000046992
Android: https://helpdesk.volue.com/support/solutions/articles/54000046995
Question: Can I use any web browser on my Volue-managed PC?
Answer: No, only popular browsers support device-based conditional access, which is required for the computer to pass the information about device state (complaint/not compliant). List of supported browsers can be found here: https://learn.microsoft.com/en-us/entra/identity/conditional-access/concept-conditional-access-conditions#supported-browsers. As long as a web browser isn't able to pass through device compliancy status, it cannot be used with new security policies.
Question: I like using my existing, less popular web browser (e.g. Opera). Am I allowed to use it for private web surfing?
Answer: Yes, you can continue using your existing browser for any purpose other than accessing Volue data.
Question: I can't logon when using InCognito / InPrivate mode in my browser. Is this expected?
Answer: Yes, Browsers working in InCognito / InPrivate modes are not passing information about device state (complaint/not compliant). This is expected behaviour.
Question: I've enrolled my mobile device (phone, tablet). Can Volue see my data?
Answer: No, we are not able to read or see user's files, pictures etc.
Question: I've enrolled my mobile device (phone, tablet). Is Volue able to track the location of my device?
Answer: No, we are not able to track device's location.
Question: I've enrolled my mobile device (phone, tablet). Can Volue wipe my device?
Answer: For Android, we can only trigger a wipe of corporate data - which is stored in a totally separate, isolated area on the device. For iOS/iPadOS we are able to restore the device to factory-defaults, which wipes all the data on the device. This will however, only be done on specific request of device owner, usually in case of e.g. device being stolen or lost.
Question: I want to use my personal PC but I'm not allowed to. Can I be excluded from device compliancy requirement?
Answer: Any security exclusions need to be approved by Chief Information Security Officer (brynjar.larssen-aas@volue.com)
Question: Since the change I cannot login to my Windows Server/Linux virtual machine. What now?
Answer: Those type of devices are not ready for the change yet. As a workaround, users accessing such machines will temporarily be added to exclusion list, until Windows Server/Linux machines are supported in Volue (shouldn't be long).
Question: My machine has been enrolled in Volue but still I can't access some resources. What now?
Answer: Please report a ticket at itsupport@volue.com, providing which device you have issues with.
Question: I'm an external consultant and don't have/can't use Volue computer. Will the change affect me?
Answer: Yes, you will be affected as well. For external consultants, separate solution will be prepared (more details to come).