MDM Compliance Improvement
CompleteOverview
At Infoblox, administered global MDM infrastructure across Intune and Jamf for 2,800+ endpoints, building automated compliance verification and remediation to close persistent gaps in security posture.
Problem
Device compliance sat at 82%. Critical security controls — FileVault encryption, the BloxOne Endpoint network proxy, System Integrity Protection (SIP), and CrowdStrike Falcon — were not consistently enabled, active, or licensed across the fleet, and there was no automated way to catch or fix drift.
Approach
Wrote scripts to verify and remediate each control on every managed device: confirming FileVault was enabled, the BloxOne Endpoint proxy was configured and running, SIP was active, and Falcon was installed, running, and properly licensed. Non-compliant devices were automatically corrected rather than just flagged.
Architecture
Verification scripts run against each device via Jamf and Intune, checking FileVault status, BloxOne Endpoint proxy configuration, SIP state, and Falcon install/license/activity status. Devices that fail a check are remediated automatically, re-applying configuration or reinstalling the agent as needed.
Outcome
Raised MDM compliance from 82% to 98% across 2,800+ endpoints, standardizing endpoint governance and closing the manual-review gap that had let devices drift out of compliance.
Lessons Learned
Compliance checks only matter if they close the loop — verifying a control and fixing it in the same pass eliminates the backlog that a report-only dashboard leaves behind.