Devices overview

Understanding and ensuring compliance of your organization's devices is crucial to maintaining a strong security posture. The Devices feature in XFA offers administrators a centralized view and powerful tools to ensure device compliance and security across your organization.

Finding Devices

Devices overview is an overview of all devices know to XFA - either discovered or verified through the awareness or enforcement stages. The enrollment process ensures that devices are registered and provide the necessary data for security evaluations.

Methods to onboard devices:

1. Discovery: Link your identity provider (IdP) to XFA. XFA reads authentication logs and derives the devices used by each user from these logs. This will lead to a full overview of all discovered devices without verified information.
2. Emails: Users receive an email, either triggered through awareness for previously discovered devices or manual invitations, prompting them to verify their device. This involves installing the XFA app and completing the verification flow.
3. Enforcement: When users attempt to use an application or log in, XFA ensures that the device must share its compliance status and meet the organization’s security requirements before allowing the user to complete the login process.

Once devices are sharing their security status, devices will periodically sync with XFA to ensure the latest data is available.

Device Insights

XFA provides a detailed overview of all devices sharing their status with your organization. Administrators can view essential information, such as:

• Device Status: Indicates whether the device is compliant with set security policies.
• Last Seen: Tracks the last activity of the device.
• Owner: Displays the user associated with the device.
• Security Properties: Provides insights into:
  • OS version and patch status.
  • Disk Encryption status.
  • Browser version.
  • Screen lock status.
  • Auto-update settings.
  • Antivirus status.
  • Password manager status.

This information helps identify potential risks and act swiftly to mitigate them.

tip

Quickly finding devices: To quickly locate a device, use the search bar in the top-level navigation. Devices can be searched by:

• Their display name (e.g., Zack’s MacBook Pro)
• Their security status (e.g., At risk, Safe)
• The name or email address of their registered owner

Conditional Access

XFA integrates with platforms such as Google Workspace, Microsoft, and Okta to enforce conditional access policies. This ensures that only compliant devices can access your organization’s sensitive data and systems.

info

For example, a device failing to meet encryption standards may be restricted from accessing email or cloud storage.

Device Management Actions

From the XFA dashboard, administrators can take action on devices and users directly:

Per User Actions:

• Remove User: For example, if a user leaves the company, their devices are also removed from the database. If a removed device is later re-added, it will be registered as a new device.
• Reset MFA: This resets MFA for all devices where the XFA MFA feature is in use. The user must re-trust all their device via the MFA flow.

Per Device Actions:

• Remove Device: See above for the impact of removing a device.
• Send Verification Email: For discovered devices with incomplete information, prompt the user to verify the device.
• Send Risk Update Email: Notify the user about security risks associated with their device, such as non-compliance with security policies, and ask them to update or adjust settings.
• Reset MFA: Resets MFA for the specific device. The user must re-trust the device through the MFA flow.

---

For further details, explore the Policies and Awareness documentation.