Security   During a device refresh or back-to-school rollout, security work should happen before devices return to users. Use FileWave to check patch status, enforce required settings, deploy notifications, and report on devices that still need attention. Protect devices before they return to users Before handing devices back, verify OS and application patch status and apply the security settings your organization requires. FileWave can deploy updates, profiles, scripts, and Filesets so each device starts from a known baseline. Patch all managed systems on a regular schedule so device-refresh work does not return outdated devices to users. If local admin accounts exist, consider a password-rotation workflow such as Integrating EasyLAPS with FileWave for macOS. A shared local admin password can become a problem after staff changes or device handoff. Prepare users for the security workflow User behavior still affects device security. Tell users what to expect during refresh, which updates or prompts they may see, and how to report suspicious activity or failed installs. FileWave can deploy scripted notifications with PowerShell on Windows or tools such as swiftDialog Deployment (macOS PKG) on macOS. Use a short annual security-training program if your organization does not already have one. Even a basic refresher is better than assuming users remember every policy. Monitor device status Use FileWave reporting and inventory data to spot devices that missed patches, failed a security Fileset, or drifted from the expected configuration. Catching those devices early is easier than troubleshooting a larger issue after the rollout. Custom Fields can help surface security state, remediation status, or other values that admins need to report on. Plan the response before an incident Have a response plan before you need it. FileWave can help identify affected devices, target remediation, and return devices to the expected state, but the team still needs a clear process for who acts, what gets isolated, and how communication happens. Document the first steps for common incidents so the team does not have to invent the process during the event. Review security measures after the rollout After refresh or re-enrollment work, review patch coverage, failed deployments, user-impact notes, and any incidents found during the process. Use that data to tune the next rollout instead of treating security checks as a one-time task.