Ctrlk
Sprinto DashboardAPI Reference
For the complete documentation index, see llms.txt. This page is also available as Markdown.

Microsoft Intune – Extended Checks for Screen Lock and Antivirus

Learn how to configure Microsoft Intune to enable Sprinto to automatically monitor screen lock and antivirus compliance checks on Windows and macOS devices.

Overview

Sprinto’s enhanced integration with Microsoft Intune now supports automated monitoring of two additional compliance checks:

  • Screen lock — Verifies that devices automatically lock after a defined period of inactivity.

  • Antivirus — Detects the presence of antivirus protection on Windows devices.

This improvement enables real-time compliance tracking and eliminates the need for manual evidence submissions.

This article explains how to configure your Microsoft Intune account to enable these new checks and how to re-integrate Intune with Sprinto to ensure these changes take effect.

Prerequisites

Before enabling extended checks, ensure that:

  • You have admin access to your Microsoft Intune account.

  • You can create or edit compliance policies for both Windows and macOS devices.

  • You can update your Sprinto–Intune integration connection.

Step 1 – Configure Antivirus Requirement in Intune (Windows Devices Only)

Sprinto detects antivirus compliance using the System security settings in your Intune compliance policies.

You can configure antivirus checks in either of the following ways:

  1. Encryption → Antivirus field — Set to Require.

  2. Defender — Set the Defender field to Require.

Ensure that one or both settings are enabled in the compliance policy for your Windows devices.

Step 2 – Configure Screen Lock Requirement in Intune

Sprinto checks for screen lock compliance by reading the Maximum minutes of inactivity before password is required setting in your Intune compliance policy.

To modify an existing compliance policy:

  • For Windows:

    1. In Intune, go to DevicesCompliance.

    2. Select your Windows compliance policy.

    3. Go to PropertiesCompliance settingsEdit.

    4. Under System security, locate Password settings.

    5. Set Maximum minutes of inactivity before password is required to 15 minutes or less.

    6. Save the changes.

  • For macOS:

    • Repeat the same steps as above for your Mac compliance policy.

To create a new compliance policy:

  1. In Intune, go to DevicesCompliance.

  2. Select Create policy.

  3. Choose the platform (Windows or macOS) and select Create.

  4. Under System securityPassword, set Maximum minutes of inactivity before password is required to 15 minutes or less.

  5. Save the policy.

Step 3 – Re-integrate Microsoft Intune with Sprinto

After updating your Intune compliance policies:

  1. In Sprinto, go to SettingsIntegrationsActive Integrations.

  2. Search for Microsoft Intune and select it.

  3. Click ManageUpdate Connection.

  4. Ensure you connect to the same account as before. Sprinto will update the existing connection details automatically.

How Sprinto Tracks Antivirus

Sprinto checks whether each Windows device is compliant for the antivirus setting specifically - not the whole policy. This means the antivirus check can pass even if other settings in the same policy (like screen lock) are not yet compliant. When the antivirus check passes, Sprinto also displays the name of the antivirus software detected on the device in your Staff Devices view, so admins and auditors can verify exactly which protection is running.

Note

The antivirus name only appears when the check is passing. If the device is non-compliant, no name is shown.

Best Practice: Use One Policy Per Check

For the most reliable results, create separate Intune compliance policies for each check:

  • One policy forantivirus

  • One policy forscreen lock

Do not enable the same setting (for example, antivirus) in multiple policies. When a setting is included in several policies, Microsoft Intune can take up to 24 hours to update the compliance data that Sprinto reads, which may cause stale or incorrect results.

If you see stale results after changing policies:

  1. Remove the antivirus / screen lock setting from all other policies.

  2. Create a new policy for every individual setting.

  3. Roll it out to your devices.

  4. Run a refresh from the Sprinto UI under Staff Devices → Intune.

Next Steps

Once your configuration is complete:

  • New Screen Lock and Antivirus monitors will appear in your Staff Devices section in Sprinto.

  • Any non-compliant devices will be flagged automatically.

  • Remediation tasks will be created where applicable.

  • Compliance status will update in real time based on Intune’s device reports.

PreviousIru (Kandji) – Extended Checks for Screen Lock and AntivirusNextHexnode – Extended Checks for Disk Encryption, Antivirus, and Screen Lock

Last updated