Basic endpoint security auditing and policy enforcement

Idea created by andyschwab@adventures.org on May 25, 2016
    Under Consideration
    Score30
    • Yuval Pecht
    • Matt Kirchhoff
    • 6828935
    • Jordan Rice
    • andyschwab@adventures.org
    • Steven Dracker

    (Originally posted on 9, June 2015)

    My team and I have made Samanage with Google Apps our core IT management system. We have a number of personally owned computers we support in addition to our org-owned systems, and Samanage has been critical for giving us a clear picture of all of these.

    With Samanage plus Google's improving MDM and Chrome device management, we have a 100% solution for tracking and a 50% solution for securing all of the systems that touch our data, whether mobile or traditional, personal or organization-owned.

    The piece we're missing is a way to monitor and apply baseline security policies to a Windows or OS X system. Basic requirements would be minimalistic, comparable to the existing Google MDM and Chrome management feature set, and might include:
    • User account settings
    • Password policies
    • Screen lock settings
    • OS update policies
    • OS/disk Encryption reporting, remote lock/wipe (Wave Cloud integration?)
    Samanage already includes remote connection integration and risk reporting for installed applications. If these additional security features could be integrated into Samanage, it would be possible to provide automated, cloud-based management of all our systems. 

    Even if these could only be added to risk reporting, it would considerably improve our security visibility for personally owned computers. If policy enforcement were possible, we could go even further and drastically simplify endpoint management for the bulk of our workforce.

    Thanks!
    What problem will this feature solve?: