Verifying that personally-owned devices used for work meet a security baseline, without enrolling them in MDM and without taking control of the device. Read-only observation, voluntary install, privacy-respecting by design.
Corporate-owned fleets can be enrolled in MDM at provisioning; the organisation pushes policy and the device complies. Personal-owned and contractor laptops cannot accept that arrangement. The device is the user's, and demanding MDM enrolment is both legally fraught and practically a non-starter for most contractors. Yet the same employees increasingly need access to corporate resources from those devices — and accessing without any posture verification is simply granting access to unverified hardware.
A read-only agent reads configuration state and reports posture. It cannot push policy, deploy software, or wipe the device. The user retains full ownership.
The user runs a single-line install script. They can uninstall at any time. The contract is explicit: posture verification in exchange for resource access.
The agent reads only security-relevant metadata. No file contents, browsing history, screen content, keyboard input, microphone, camera, or location. Full inventory documented in the Trust Center.
Once posture is verified, Conditional Access systems can grant access based on the Security Score. A BYOD device with a high score might access most resources; a lower score might access only documentation; a low score blocks everything sensitive. The user remediates by improving their device's configuration — turning on the firewall, enabling encryption, patching the OS — and access returns automatically.
Free for up to 10 devices. Read-only agent, voluntary install, no MDM required.
Get started free →