You know the drill: when you go through airport security there are two lines. In one, a TSA agent makes sure you’re the person in your passport photo. In the other, a machine scans your carry-on for explosives, weapons, or a normal-sized bottle of shampoo.

Enterprise security is much the same, but instead of passengers and luggage, we’re talking about end users and their devices. In the first line, user authentication verifies a user’s identity, and it’s gotten pretty sophisticated in the past few years, with SSO and MFA becoming more common.

But user devices don’t get nearly the same level of attention. The average device trust solution only looks at a handful of endpoint security factors, like OS updates and firewall. If this really were the TSA, that wouldn’t even be an x-ray machine, more like holding a bag to your ear and listening for a ticking sound.

And that’s assuming an organization looks at end user devices at all. Kolide’s Shadow IT report found that 47% of companies let unmanaged devices access their resources, and authenticate via credentials alone.

Unmanaged devices (those outside a company’s MDM) can be infected with malware, full of PII, or worse–they can belong to a bad actor using phished employee credentials.

And hey, there are valid reasons for a device not to be enrolled in MDM. Contractor devices, Linux machines, and employee phones all need to be able to access company resources. But there’s plenty of room for middle ground between “fully locked down and managed” and an open-door device policy.

Specifically, companies need device trust solutions that block devices from authenticating if they don’t meet minimum security requirements.

Even with phishing-resistant MFA, it’s frighteningly easy for bad actors to impersonate end users–in the case of the MGM hack, all it took was a call to the help desk. What could have prevented that attack (and so many others) was an unspoofable form of authentication for the device itself.

That’s what you get with Kolide’s device trust solution: a chance to verify that a device is both known and secure before it authenticates. Kolide’s agent looks at hundreds of device properties (remember, our competitors only look at a handful). What’s more, our user-first, privacy-respecting approach means you can put it on machines outside MDM: contractor devices, mobile phones, and even Linux machines.

Without a device trust solution, all the security in the world is just security theater. But Kolide can help close the gaps. (And we won’t even make you take off your shoes.)

To learn more, please watch our on-demand demo.

Our thanks to Kolide for sponsoring MacStories this week.

If you have a client looking to monetize their passion by building a membership website, look no further than Memberful, the best-in-class membership solution used by creators, publishers, and media companies worldwide.

Memberful has everything you need to get a membership site up and running with ease so your clients can concentrate on creating content while earning revenue. Memberful makes it simple to get your site up and running by integrating with the technologies you already use, like WordPress. There are WordPress shortcuts and built-in functions that allow you to insert dynamic links and integrate Memberful data inside your WordPress theme. Plus, Memberful works with popular services like Mailchimp, Discord, Google Analytics, and more, making it easy to reach and monetize your audience wherever they are without starting from scratch.

We’ve used Memberful ever since we launched Club MacStories in 2015. Not only did Memberful make setting up the Club easy, but it has grown with us throughout the following eight years, allowing us to expand from a newsletter to downloadable content, members-only podcasts, and more. Best of all, everything works seamlessly with our existing tech stack.

When you use Memberful, you’re in complete control of your audience and brand. And, with a GraphQL API, webhooks, and OAuth Single Sign-On, integrating with your existing workflow and systems is straightforward. You’ll get comprehensive analytics, too, allowing you to understand what’s working and what’s not and make adjustments as you go.

Help your clients monetize their passion by getting started for free with Memberful. It’s the proven way for creators, publishers, and media companies to monetize their audiences.

Our thanks to Memberful for sponsoring MacStories this week.