# Extended Checks in MDM Tool Comms

Sprinto now supports **extended device compliance checks** across major Mobile Device Management (MDM) tools, allowing organisations to automatically monitor key security controls—such as screen lock, antivirus, and disk encryption—without manual intervention.

These enhancements extend Sprinto’s ability to fetch, verify, and report compliance directly from your MDM provider’s APIs, ensuring real-time, audit-ready visibility into device posture.

***

### Supported Providers

Sprinto’s extended MDM checks are currently available for the following providers:

<table><thead><tr><th>MDM Provider</th><th width="340.8203125">Supported Checks</th><th>Documentation Link</th></tr></thead><tbody><tr><td><strong>Hexnode</strong></td><td>Screen Lock, Antivirus, Disk Encryption</td><td><a href="/pages/gacMgEfMxb29psSHQDW5">View article</a></td></tr><tr><td><strong>Microsoft Intune</strong></td><td>Screen Lock, Antivirus (Windows only)</td><td><a href="/pages/fFN4sTLGJ0EMJM7Ij74L">View article</a></td></tr><tr><td><strong>Iru (Kandji)</strong></td><td>Screen Lock, Antivirus</td><td><a href="/pages/pVwgDQ0bCmQKm4SzDxES">View article</a></td></tr><tr><td><strong>ManageEngine</strong></td><td>Screen Lock, Antivirus</td><td><a href="/pages/T04lWHHwXZ6nIRJIDr0U">View article</a></td></tr><tr><td><strong>JumpCloud</strong></td><td>Screen Lock, Antivirus</td><td><a href="/pages/SUpBiAWz3aG7Bjm3jLJb">View article</a></td></tr><tr><td><strong>JAMF</strong></td><td>Screen Lock</td><td><a href="/pages/LKcZa9Xl72Cl98edJ1zg">View article</a></td></tr></tbody></table>

***

### Why These Checks Matter

Automated compliance verification helps organisations:

* Maintain **continuous visibility** into endpoint security posture.
* **Reduce manual evidence collection** by leveraging MDM data directly.
* **Streamline audits** by linking device controls to compliance frameworks.
* **Stay audit-ready** with real-time status updates across managed devices.

Sprinto’s extended MDM checks directly map to key compliance requirements such as:

<table><thead><tr><th width="240.80859375">Control Area</th><th width="282.0234375">Example Frameworks</th><th>MDM Check</th></tr></thead><tbody><tr><td>Access Control</td><td>ISO 27001 A.9.2.3 / SOC 2 CC6.1</td><td>Screen Lock</td></tr><tr><td>Protection Against Malware</td><td>ISO 27001 A.12.2.1 / SOC 2 CC6.6</td><td>Antivirus</td></tr><tr><td>Encryption of Data at Rest</td><td>ISO 27001 A.10.1 / SOC 2 CC6.7</td><td>Disk Encryption</td></tr></tbody></table>

***

### How It Works

1. **MDM Integration:** Sprinto securely connects to your MDM tool using API credentials configured in the **Integrations** section.
2. **Data Fetch:** Device policy and app data are fetched at scheduled intervals.
3. **Compliance Mapping:** The fetched data is mapped to Sprinto’s internal datapoints for each control (e.g., screen lock timeout, encryption status, antivirus presence).
4. **Monitoring & Reporting:** Sprinto continuously updates monitor statuses, flags non-compliant devices, and generates remediation tasks.

***

### Supported Compliance Checks

<table><thead><tr><th width="151.88671875">Check Type</th><th width="435.50390625">Description</th><th>Supported OS</th></tr></thead><tbody><tr><td><strong>Screen Lock</strong></td><td>Validates auto-lock enforcement and idle timeout ≤ 15 minutes</td><td>Windows, macOS</td></tr><tr><td><strong>Antivirus</strong></td><td>Detects presence of recognised antivirus software</td><td>Windows, macOS</td></tr><tr><td><strong>Disk Encryption</strong></td><td>Confirms FileVault (macOS) or BitLocker (Windows) enabled</td><td>Windows, macOS</td></tr></tbody></table>

***

### How to Get Started

1. Ensure your organisation’s MDM provider is integrated with Sprinto.
2. Follow the provider-specific setup guide to configure policies and permissions.
3. Reconnect your MDM integration within Sprinto (Settings → Integrations → Manage → Update Connection).
4. Verify that new monitors appear under the **Staff Devices** section.

Refer to the individual guides for step-by-step setup instructions:

* [Hexnode – Extended Checks](/monitors/extended-checks-in-mdm-tool-comms/hexnode-extended-checks-for-disk-encryption-antivirus-and-screen-lock.md)
* [Microsoft Intune – Extended Checks](/monitors/extended-checks-in-mdm-tool-comms/microsoft-intune-extended-checks-for-screen-lock-and-antivirus.md)
* [Iru (Kandji) – Extended Checks](/monitors/extended-checks-in-mdm-tool-comms/iru-kandji-extended-checks-for-screen-lock-and-antivirus.md)
* [ManageEngine – Extended Checks](/monitors/extended-checks-in-mdm-tool-comms/endpoint-central-extended-checks-for-screen-lock-and-antivirus.md)
* [JumpCloud – Extended Checks](/monitors/extended-checks-in-mdm-tool-comms/jumpcloud-extended-device-checks.md)
* [JAMF – Extended Checks](/monitors/extended-checks-in-mdm-tool-comms/jamf-extended-checks-for-screen-lock.md)

***

### Common Questions

**Q1. Are these checks available for all plans?**\
Yes. Extended checks are included in all Sprinto plans that support MDM integrations.

**Q2. How often does Sprinto sync MDM data?**\
Sprinto periodically fetches data from connected MDMs, ensuring near real-time compliance visibility.

**Q3. Can I disable specific checks?**\
Yes. Admins can disable monitors from the **Staff Devices** dashboard if they’re not applicable.

**Q4. What happens if an MDM API fails?**\
Sprinto will retry fetching data automatically. If the issue persists, a sync error notification will appear in the dashboard.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sprinto.com/monitors/extended-checks-in-mdm-tool-comms.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.