Skip to main content

Managing Employee Devices with MDM

Ensure every employee device meets compliance standards — encrypted, protected, and locked.

Upendra Varma avatar
Written by Upendra Varma
Updated over a week ago

Why Device Compliance Matters

As part of frameworks like SOC 2, ISO 27001, and others, you're expected to manage and monitor employee devices to ensure they're secure. This means:

  • Installing an MDM (Mobile Device Management) solution

  • Enforcing security configurations like encryption, screen lock, and antivirus

  • Maintaining visibility into device status

With ComplyJet, you can automate most of this by integrating with your MDM provider.

Step 1: Choose & Integrate an MDM Provider

Start by selecting the MDM solution you want to use. ComplyJet supports a wide range of providers like Kandji, Hexnode, Microsoft Intune, and more. You’ll find them listed on the Integrations page.

Once you’ve chosen a provider, complete the integration process. After integration, ComplyJet will begin pulling in device data automatically — no manual setup required.

Step 2: Install MDM on All Employee Devices

Next, install the selected MDM agent on every active employee’s device. This allows ComplyJet to fetch configuration details like:

  • Whether disk encryption (e.g., FileVault) is enabled

  • Whether a screen lock is configured

  • Whether antivirus protection is installed and up-to-date

These are the key checks expected by most compliance frameworks.

Step 3: Review Device Compliance

On the Devices page, you’ll see a list of all employee devices pulled from your MDM integration.

Each device shows its compliance status based on:

  • Encryption: Is the hard drive encrypted?

  • Antivirus: Is antivirus software installed and active?

  • Screen Lock: Is a screen lock enabled and properly configured?

For example, a compliant device may show FileVault enabled, XProtect running, and a screen lock set up. Another device might have disk encryption enabled but be missing antivirus — marking it as non-compliant.

Your goal is to bring every device to a compliant state by following the relevant remediation steps.

Provider-Specific Fixes

Remediation instructions can vary depending on your MDM provider. You can visit the integration-specific page within ComplyJet to view setup steps, recommended tools, and platform-specific tips for resolving issues.

Final Goal

To stay audit-ready, ensure that:

  • Every employee device is registered with your MDM

  • Encryption, antivirus, and screen lock are fully configured

  • Non-compliant devices are fixed promptly

ComplyJet helps you track, monitor, and manage this — all in one place.

Related Articles
Azure SOC 2-Ready Configuration Guide
Managing Employee Compliance
Did this answer your question?