Secfix Agent - Monitor compliance in your employee devices

Introducing the Secfix Agent - A new lightweight program to help you monitor compliance of the employee devices in any common operating system (OS).

Before you read further, think about how your company is monitoring employee computers. Do you have a Mobile Device Management Solution (MDM) such as Jamf Pro, Kandji or JumpCloud in place? How do you track that all employee devices have the latest macOS, Linux or Windows version? Have antiviruses installed? And are using a password manager?

Here is how to monitor compliance and security in endpoint devices:

You don’t have an MDM solution in place? No worries! The Secfix Agent will cover all of this for you. Secfix has developed a lightweight program that runs daily in the background of your employee’s computers and alerts you of any security vulnerabilities. It will make sure that all proper security configurations are set - such as hard drive encryption, antivirus software, password manager, and automatic updates are enabled. These security configurations are important for ISO 27001 compliance.

The Secfix Agent is based on osquery – an open-source project maintained and vetted by the Linux Foundation. osquery was originally created at Facebook and it still runs across Facebook’s fleet of employee laptops and servers. The Secfix Agent has READ ONLY access, which means it will not change anything on your machines. osquery is great and secure, and while it doesn't tick all of the same boxes as Jamf or Fleetsmith, it'll almost certainly be enough for compliance evidence creation. osquery is in fact much better at collecting"evidence" than most MDM tools are.

‍

MDM Tools vs. the Secfix Agent

Where should you use an MDM solution?

Use MDM tools to enforce OS patch updates and application installations. Usually, MDM solutions have a focus on one OS but have many features. For example, Jamf Pro supports exclusively Apple devices that are run on macOS.

Where should you use the Secfix Agent?

Use the Secfix Agent to monitor and collect compliance-related evidence on every employee endpoint every day, no matter which OS you have. The Secfix Agent is available for macOS, Windows, and Linux machines.

Which data does the Secfix Agent collect?

The information the Secfix Agent sends to the web application includes:

"Owner" — The name of the employee and their device.

"OS Version" — The specific operating system that the computer is running, including the version and the serial number for the computer.

"PW Manager" — Indication that the employee has a password manager installed on the computer.

"HD Encrypted" — Indication that the computer’s hard drive is encrypted.

"AV Installed" — Indicates if antivirus software has been installed.

"Last Check" — A timestamp indicating the last time the computer communicated with Secfix.

‍

The Secfix Agent has a limited Read-Only functionality. It doesn’t read sensitive information such as passwords, browser history or emails but rather focuses on the security essentials.
The major components of the Secfix Agent such as osquery and Docker Notary have been pentested by our partner NCC group.