What is device monitoring?
To build a strong security and compliance foundation, organizations need to be able to view, manage, and secure devices, such as laptops and desktops. Through Vanta, you can monitor your company’s computers, track every employee who has a laptop that is observed, and ensure your company’s computers are secure. Companies typically monitor their devices through Mobile Device Management (MDM) software. For customers without an MDM, Vanta offers the Vanta Device Monitor as a lightweight device monitoring tool.
What does the “Require device monitoring” task track?
When the “Require device monitoring” task is assigned to an employee, it tracks that the employee has a computer that is monitored in Vanta (either through the Vanta Device Monitor or an integrated MDM). The task will automatically pass if the employee owns a computer in Vanta. You can view all the computers in your account, along with their owners, on the Computers Page.
Assigning the “Require device monitoring” task to personnel
Assign device monitoring tasks to your employees by adding the task to the relevant group(s). Then:
Using Vanta Device Monitor: Within the device monitoring task, select “Prompt employees to install the Vanta Device Monitor”. If this option is selected, employees with this task can log in to Vanta and install the Vanta Device Monitor on their computer. Once they do so, the computer will appear in Vanta, and the task will be completed.
Using MDM: Select “Don't prompt employees to install the Vanta Device Monitor”. If this option is selected, employees assigned to this task will be required to have a computer monitored by your Mobile Device Management (MDM), and they will not be able to download the Vanta Device Monitor.
We recommend monitoring the computers for all your employees. In some cases, companies use contractors who don’t want their computers to be monitored. If this occurs for you, you can assign this task to full-time employees only by creating a group of full-time employees and assigning the task to that group. |
What information does Vanta track for each computer?
Once a computer is in Vanta, we track the following information on the Computers Page. Each of these statuses is required for compliance:
Antivirus installed: This status tracks whether antivirus software is deployed on the computer. Vanta determines this by checking whether the computer installed one of the antivirus software on this list. Learn more about how Vanta detects Kandji, JumpCloud, and Microsoft Intune antivirus.
Hard drive encrypted: This status checks whether the computer’s hard drive is encrypted. Learn more.
Password manager installed: This status checks whether the computer has a supported password manager installed. Vanta determines this by looking at the apps installed on the computer. If the Vanta Device Monitoror JumpCloud MDM monitors the computer, we will also check Chrome extensions on the computer.
Using the Vanta Device Monitor
The Vanta Device Monitor is a lightweight program designed to run in the background of your computer, monitoring it for standard compliance requirements. It uses OSQuery to detect specific settings and applications installed on devices. It has a minimal performance impact: once you install the app and register your device, you shouldn’t notice any difference. Learn more.
The Vanta Device Monitor is ready to use with your Vanta account; no additional configuration is required.
To prompt your personnel to install the Vanta Device Monitor on their computers, assign them the 'Require device monitoring' task with the' Prompt employees to enable the Vanta Device Monitor' option.
Integrating an MDM with Vanta
If Vanta supports your Mobile Device Management (MDM), you can integrate it with your account from the Integrations Page.
Should I use the Vanta Device Monitor or a Mobile Device Management (MDM) solution?
The Vanta Device Monitor is a lightweight software recommended for smaller companies (fewer than 75 devices). For larger companies, we recommend purchasing an MDM with additional features, such as enforcing security policies and managing device configurations. Learn more.
Viewing your company computers
The Computers Page lists all of your company’s computers. It also lists each computer’s owner, how it is monitored, its operating system, and the statuses above.