> For the complete documentation index, see [llms.txt](https://docs.sprinto.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.sprinto.com/monitors/extended-checks-in-mdm-tool-comms/hexnode-extended-checks-for-disk-encryption-antivirus-and-screen-lock.md). # Hexnode – Extended Checks for Disk Encryption, Antivirus, and Screen Lock ### **Overview** Sprinto’s enhanced integration with **Hexnode** now supports automated monitoring of three additional compliance checks: * **Disk encryption** — Verifies that FileVault (macOS) or BitLocker (Windows) is enabled on devices. * **Antivirus** — Confirms the presence of antivirus software based on application data from Hexnode APIs. * **Screen lock** — Ensures devices automatically lock after a defined period of inactivity. These improvements allow Sprinto to monitor your organisation’s security posture in real time and reduce the need for manual compliance evidence. ### **Prerequisites** Before enabling extended checks, ensure that: * You have admin access to your Hexnode account. * You can create or edit passcode and encryption policies for macOS and Windows devices. * You can target policies to the correct set of devices. ### **Step 1 – Configure Antivirus Check** Sprinto validates antivirus status using the **antivirus name** retrieved from Hexnode’s list of installed applications via API. To pass this check: * Ensure your managed devices have a supported antivirus installed and detected in Hexnode’s application inventory. ### **Step 2 – Configure Screen Lock (Passcode) Policy** Sprinto checks screen lock compliance based on your **passcode policy** in Hexnode. The **Auto lock** setting must be **15 minutes or less**. #### **Create a new passcode policy:** 1. In Hexnode, go to **Policies** → **Create a new policy**. 2. Add a **Policy name** and **Description**. 3. Navigate to **macOS** → **Passcode** → **Configure**. 4. Set **Auto lock** to **15 minutes or less**. 5. Attach the policy to target devices: * Go to **Policy Targets** within the **Policies** tab. * Select **Devices** → **Add devices** → Choose the required devices → Click **OK**. 6. Repeat the above steps for your **Windows policy**. #### **Modify an existing passcode policy:** * **For macOS:** 1. In **Policies**, select the existing policy. 2. Click **Manage policy** and verify **Auto lock** is set to **15 minutes or less**. 3. Ensure the policy is attached to the correct devices via **Policy Targets** → **Manage policy** → **Associate Targets** → Select devices → **Associate**. * Repeat the same process for the **Windows policy**. ### **Step 3 – Configure Disk Encryption Policy** Sprinto verifies disk encryption status using your Hexnode **security** policies: * **For macOS:** Enable **FileVault**. * **For Windows:** Enable **BitLocker**. To configure: 1. In your Hexnode policy, go to **Security** and enable FileVault (Mac) or BitLocker (Windows). 2. Attach the encryption policy to the correct devices via **Policy Targets** as described in Step 2. ### **How Sprinto Tracks Compliance** * **Disk encryption:** Reads FileVault/BitLocker status from Hexnode’s policy compliance reports. * **Antivirus:** Detects antivirus from the device’s installed apps list via API. * **Screen lock:** Validates Auto lock time from passcode policy settings. ### **Next Steps** Once configured: * New **Disk Encryption**, **Antivirus**, and **Screen Lock** monitors will appear in your **Staff Devices** section in Sprinto. * Non-compliant devices will be flagged, and remediation tasks will be assigned where applicable. * Compliance status will update automatically based on Hexnode’s device reports. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.sprinto.com/monitors/extended-checks-in-mdm-tool-comms/hexnode-extended-checks-for-disk-encryption-antivirus-and-screen-lock.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.