Skip to main content

3 posts tagged with "Desktop"

View All Tags

Screen lock timeout enforcement

· One min read

XFA now supports screen lock timeout enforcement in addition to the existing screen lock enable/disable check.

Previously, XFA only verified whether screen lock was enabled on a device. Now, admins can also configure a maximum allowed timeout duration — and XFA will verify that the device's screen lock timeout is within that limit.

What's new:

  • Admins can set a maximum screen lock timeout (in minutes) in their organization's policy
  • XFA checks both that screen lock is enabled and that the configured timeout does not exceed the maximum
  • Supports macOS, Windows, and Linux with platform-specific timeout detection
  • The timeout check works alongside the existing enable/disable check — both must pass for the device to be compliant

This gives organizations tighter control over idle device security, ensuring employees cannot set excessively long timeouts that leave devices exposed.

Configure your policies

Intune and Vanta Checks

· One min read

Two new MDM and compliance checks are now available for the desktop app:

  • Microsoft Intune — Verify whether a device is enrolled in Microsoft Intune. Supports both macOS and Windows.
  • Vanta — Detect whether the Vanta compliance monitoring agent is installed and running. Supports macOS, Windows, and Linux.

Both checks can be configured in your organization's policy with warning and blocking actions, just like all other security checks.

These checks are currently available on desktop only.

Configure your policies

Dynamic Security Checks per Organization

· One min read

The XFA app now shows only the security checks that your organization requires, instead of displaying all available checks.

Each organization configures its own policy with specific security requirements. The app now dynamically matches these requirements and shows you exactly which checks apply to you:

  • Policy-scoped checks — Only checks defined in your organization's policy are evaluated and displayed.
  • Clear status per check — Each check shows whether your device passes, needs attention, or is blocked.
  • Not required checks — Checks that don't apply to your organization are marked as "Not required" so you always know what matters.

This makes it much easier to understand what your organization expects from your device and how to stay compliant.