search
Sprinto DashboardAPI Reference

Extended Checks in MDM Tool Comms

Learn how Sprinto’s extended MDM integrations enable automatic monitoring of screen lock, antivirus, and encryption compliance across popular device management tools.

Sprinto now supports extended device compliance checks across major Mobile Device Management (MDM) tools, allowing organisations to automatically monitor key security controls—such as screen lock, antivirus, and disk encryption—without manual intervention.

These enhancements extend Sprinto’s ability to fetch, verify, and report compliance directly from your MDM provider’s APIs, ensuring real-time, audit-ready visibility into device posture.

hashtag
Supported Providers

Sprinto’s extended MDM checks are currently available for the following providers:

MDM Provider
Supported Checks
Documentation Link

Hexnode

Screen Lock, Antivirus, Disk Encryption

View article

Microsoft Intune

Screen Lock, Antivirus (Windows only)

View article

Iru (Kandji)

Screen Lock, Antivirus

View article

ManageEngine

Screen Lock, Antivirus

View article

JumpCloud

Screen Lock, Antivirus

View article

JAMF

Screen Lock

View article

hashtag
Why These Checks Matter

Automated compliance verification helps organisations:

  • Maintain continuous visibility into endpoint security posture.

  • Reduce manual evidence collection by leveraging MDM data directly.

  • Streamline audits by linking device controls to compliance frameworks.

  • Stay audit-ready with real-time status updates across managed devices.

Sprinto’s extended MDM checks directly map to key compliance requirements such as:

Control Area
Example Frameworks
MDM Check

Access Control

ISO 27001 A.9.2.3 / SOC 2 CC6.1

Screen Lock

Protection Against Malware

ISO 27001 A.12.2.1 / SOC 2 CC6.6

Antivirus

Encryption of Data at Rest

ISO 27001 A.10.1 / SOC 2 CC6.7

Disk Encryption

hashtag
How It Works

  1. MDM Integration: Sprinto securely connects to your MDM tool using API credentials configured in the Integrations section.

  2. Data Fetch: Device policy and app data are fetched at scheduled intervals.

  3. Compliance Mapping: The fetched data is mapped to Sprinto’s internal datapoints for each control (e.g., screen lock timeout, encryption status, antivirus presence).

  4. Monitoring & Reporting: Sprinto continuously updates monitor statuses, flags non-compliant devices, and generates remediation tasks.

hashtag
Supported Compliance Checks

Check Type
Description
Supported OS

Screen Lock

Validates auto-lock enforcement and idle timeout ≤ 15 minutes

Windows, macOS

Antivirus

Detects presence of recognised antivirus software

Windows, macOS

Disk Encryption

Confirms FileVault (macOS) or BitLocker (Windows) enabled

Windows, macOS

hashtag
How to Get Started

  1. Ensure your organisation’s MDM provider is integrated with Sprinto.

  2. Follow the provider-specific setup guide to configure policies and permissions.

  3. Reconnect your MDM integration within Sprinto (Settings → Integrations → Manage → Update Connection).

  4. Verify that new monitors appear under the Staff Devices section.

Refer to the individual guides for step-by-step setup instructions:

hashtag
Common Questions

Q1. Are these checks available for all plans? Yes. Extended checks are included in all Sprinto plans that support MDM integrations.

Q2. How often does Sprinto sync MDM data? Sprinto periodically fetches data from connected MDMs, ensuring near real-time compliance visibility.

Q3. Can I disable specific checks? Yes. Admins can disable monitors from the Staff Devices dashboard if they’re not applicable.

Q4. What happens if an MDM API fails? Sprinto will retry fetching data automatically. If the issue persists, a sync error notification will appear in the dashboard.

PreviousHow to resolve VAPT vulnerability should be resolved monitorNextJAMF – Extended Checks for Screen Lock

Last updated