Guru's Verification engine ensures consistency, confidence, and trust in the knowledge your organization shares. Learn more.

Okta - Admin Checklist - Device Trust Configuration

Introduction

  • Device Trust is the idea that a user’s device must be secure before accessing an organization’s sensitive resources (such as networks, cloud apps, and data). In this context, “users” generally means an organization’s employees, contractors, or vendors, and “devices” refers to the endpoints they use for work: laptops, desktops, and mobile devices.

How it Works

  • Device Trust is designed to block a device from accessing your SaaS apps and other resources if it isn’t running the agent or passing specific requirements.
  • These requirements would be defined by the internal admin and are based around specific checks.
  • To be a secure device trust solution, it must associate devices with users who work for an organization. Since Device Trust has no knowledge of an organization’s employees or contractors and it can only obtain this information by integrating with Okta.
  • If a device isn’t compliant, users can’t log in to their cloud apps until they’ve fixed the problem. To reduce the load on IT teams it provides instructions to users on how they can fix the issues to make their device compliant.

Prerequisites

✅ 1Password Extended access management

To sign up for 1Password Extended Access Management, contact the 1Password Sales team.

✅ Okta requirements

These SKUs are required in order proceed with the implementation of Device Trust.

  1. Okta Identity Engine (OIE) - Okta Classic will not work with Device Trust
  2. The following four SKUS:
    1. Basic SSO (or higher)
    2. Basic MFA (or higher)
    3. Universal Directory
    4. Lifecycle Management

✅ A Kolide account that has device trust enabled

At the time of this writing, Kolide’s Okta integration is only available to customers that have explicitly requested access. To see if you have access, simply attempt to sign in to Kolide at the url https://app.kolide.com.

If after signing in, if your top-level navigation includes the item Requests then you are all set. If you don’t have access, you’ll be redirected back to https://k2.kolide.com.

To request access, you can reach out to our team.

Note: Once you have Kolide Device Trust, you should always access Kolide from app.kolide.com. With that said, even after the upgrade, k2.kolide.com will remain accessible to your administrators.

⚠️ Be aware

  • Okta Classic will not work with Device Trust

🗂 Documentation and resources

💬 Keywords

device trust okta, device trust, admin checklist

You must have Author or Collection Owner permission to create Guru Cards. Contact your team's Guru admins to use this template.