For standards like SOC-2 compliance, organizations are expected to ensure that their employees are keeping their work devices up-to-date.
To solve this, company admins can deploy a Mobile Device Management (MDM) tool like JumpCloud to quickly detect whether dedicated work devices used by employees have installed critical software or run new updates. MDM tools also play an important role in device security, offering organizations the ability to wipe devices if they get lost or become subject to theft or a data breach.
JumpCloud is a leading MDM tool that offers both identity management and secure device management across multiple operating systems in a cloud directory.
Okta is a leading identity management platform that helps employers establish consistent access and secure authentication across applications.
In this guide, we are going to show you how to use an identity platform like Okta to run a search for all employees who have not yet installed JumpCloud, on their devices.
Getting an Active Users List From Okta
To find users who have not yet installed JumpCloud, first we need a list of all users in the organization. You can retrieve this list from the Okta Admin UI or via the Okta API.
Using the UI Console
- Navigate to the Okta Admin Panel, then go to Reports.
- Select the Okta Password Health link to download a CSV file.
- Open the CSV file, then filter the Status column for Active users.
Using the API
Use the following syntax to issue a call with parameters with the Okta API. It retrieves all users with a maximum of 200 per call:
If your organization has more than 200 users, you may need to use pagination to get the full list.
Finding Users Without JumpCloud Installed on a Device
Now that you have a list of all users from Okta, you can separately pull a list from JumpCloud to cross-check and find installation gaps.
Getting a Users List using the JumpCloud Console
- First, log in to the Administrator Portal: https://console.jumpcloud.com
- Under the “User Management” section, go to “Users”.
- Up in the top right, you’ll find an option to export a list either in JSON or CSV formats. You’ll see the list saved with this naming: “jcuserlist_yyyymmdd.<filetype>”
Getting a Devices List using the JumpCloud Console
You can also get a list of all devices from the Administrator Portal.
- Once you’re logged in, go to the “Device Management” section and select “Devices”.
- Similar to how you pulled your users list, you can export in JSON or CSV formats and that file will follow this naming: “jcudeviclist_yyyymmdd.<filetype>”
Using these lists, you’ll be able to cross reference and see if there are gaps in the users listed in Okta vs. JumpCloud, and you can check that all users listed in JumpCloud have at least one device registered. If necessary, you can use the vlookup function to align data across these lists.
Once you have a clear list of users who have not installed JumpCloud on at least one device yet, you can follow up with them directly to ensure they meet compliance.
Simplifying MDM Compliance Checks With Blink
Dealing with pagination limits makes pulling these lists manually especially time-consuming. There’s an easier way to see which users haven’t installed JumpCloud yet on a device by using no-code/low-code automation.
With Blink, you can run these queries in a couple clicks and get this installation gap list automatically with no limit issues or cross-checking required.
Get started and create your free Blink account today.