AMA: Device Health Attestation - security benefits and integrations
Event Ended
Thursday, Oct 27, 2022, 11:00 AM PDT
Ensuring that a platform is healthy and trustworthy is a fundamental vertical in today’s zero trust approach, and this has become one of the key focuses of recent times. Pre-OS boot continues to rem...
Heather_Poulsen
Updated Dec 27, 2024
Paul_Woodward
Oct 27, 2022
Iron Contributor
We see a lot of false positives for compliance failures, e.g. Firewall up for userA, Firewall detection failure for userB. This makes it impractical to use Conditional Access as intended, to block access to Email/SharePoint etc. This has been the case for 2 years. It's actually slightly better as time goes by, but still a problem. I think non-compliance should only be set if you _know_ it's not compliant. If you get multiple conflicting signals, clearly the problem is with your service and you shouldn't be locking users out of corporate resources. Why are things evaluated per user? BitLocker is on or off on the device. Firewall is on or off. Secure Boot is on or off. It all feels like you've made it more complex than it needs to be.