• Overview
• Cloud Secure Edge-sourced Trust Factors
  • Auto Update
  • Disk Encryption
  • Firewall
  • Not Jailbroken
  • Screen Lock
  • Application Check (desktop-only)
  • Operating System Version
  • Banyan App Version

Overview

This document outlines

Cloud Secure Edge-sourced Trust Factors

Auto Update

Auto Update assesses whether devices are automatically installing new versions of their operating systems. Devices satisfy this Trust Factor only if updates are automatically installed; auto-checking for updates will not satisfy this Trust Factor.

How Cloud Secure Edge Collects the Factor:

echo (New-Object -com Microsoft.Update.AutoUpdate).Settings.NotificationLevel

Disk Encryption

Disk Encryption assesses whether devices’ disk encryption is enabled.

How Cloud Secure Edge Collects the Factor:

manage-bde -status (pre 3.6)

Get-BitlockerVolume (post 3.6)

Firewall

Firewall assesses whether devices’ firewalls are enabled.

How Cloud Secure Edge Collects the Factor:

Get-NetFirewallProfile

Not Jailbroken

Not Jailbroken assesses whether devices are rooted or jailbroken.

Screen Lock

Screen Lock assesses whether devices’ screen lock capability is enabled.

Application Check (desktop-only)

Application Check assesses whether the admin-defined list of required apps is met by devices in your org. Devices must have all specified apps running, and devices do not receive partial credit for having a subset of the required apps running.

How Cloud Secure Edge Collects the Factor:

tasklist /fo csv /nh

Operating System Version

Operating System Version assesses whether devices’ OS versions are not older than the oldest allowed version of an OS. The oldest allowed OS version is determined and set by the admin. To satisfy this Trust Factor, users in your org must be running OS versions that are greater than or equal to the version specified by your admin.

How Cloud Secure Edge Collects the Factor:

wmic os get Caption,Version,BuildNumber /value

Banyan App Version

Banyan App Version assesses whether devices’ desktop app version is not older than the oldest allowed version. The oldest allowed app version is determined and set by the admin. To satisfy this Trust Factor, users in your org must be running app versions that are greater than or equal to the version specified by your admin.

---

Can’t find what you’re looking for?

We’re happy to help. Contact our team.