Supported Platforms

Microsoft Azure Active Directory joined Devices

Microsoft Azure Active Directory, commonly known as Azure AD, is a system in Microsoft Azure that enables identity management to configure user and group access to services and resources. Together with deviceTRUST contextual security, administrators now have a powerful new way to securely and intelligently enforce all security, compliance and regulatory requirements for Azure AD connected devices for access to on-premises or cloud resources.

Compliant status

Regardless of how Azure AD connected devices are managed, the Compliant Status of the device within Azure AD can be set accordingly depending on the context of the device.

Diverse context

For the context definition, various information from the physical device, the connected network, the location, day and time as well as about the user itself can be used locally as well as within Azure AD, e.g. for the compliant status or for conditional access.

Compliant application access

Local applications available on the device can be controlled contextually using Microsoft AppLocker or FSLogix App Masking. This ensures that applications are only available as specified. This also applies when unlocking and during session runtime for instances that are still running.

Authorized USB drives

Ensures that only authorized USB drives can be used on the device. In addition to technically blocking unauthorized USB drives, the user is blocked from accessing the session while the unauthorized USB drive is plugged in with a customizable notice.

Configuration defaults

Apply configuration defaults and policies to control available options and resources. This makes it very easy, for example, to apply policies to control session idle time depending on the context of access, or to connect session printers based on location.

Real time

The deviceTRUST context is always up to date. Context changes can be detected not only during login and when reconnecting to the session, but also during the session runtime to launch predefined actions.

Status report

You can quickly and easily create visibility of accesses via predefined and ready to use dashboards for Azure Log Analytics, Splunk, Graylog, and ELK Stack.

No additional infrastructure

No additional cloud infrastructure is required to use deviceTRUST.

As a result, deviceTRUST brings together all the context and control you need to protect your enterprise resources while providing the modern access your users demand.