HERE'S WHY
Drata supports tracking multiple devices for each user to ensure that your employees and contractors are working on secure and compliant machines.
BEFORE DIVING IN
To use multiple devices with Drata, the devices must be added through Drata Agent or MDM.
Mobile devices are not yet supported.
Shared/Kiosk devices (devices operated by or for 2 or more people) are not supported.
Only ONE person will be responsible for a device’s compliance.
For JumpCloud MDM users:
If a device has multiple owners, only one person will have the device registered in Drata.
The other owners will have a “Manually Configured” device in their personnel details.
For users without registered devices:
A “Manually Configured” device will display in personnel details.
Evidence can be uploaded manually for this device to demonstrate compliance.
HERE'S HOW
The Drata platform can capture data from multiple devices per user via Agent or MDM automatically.
For the Agent, all you need to do is to install and register the Drata Agent on each device.
For MDM, you need to have all the devices set up in MDM and Drata will bring in the data from all devices within a day after Autopilot completes syncing your MDM data.
Manage your devices in My Drata
If the Drata Admin enables Workstation Configuration Monitoring under the company's Internal Security settings, you can view each of your devices connected to Drata by selecting Configure your devices on the My Drata page.
If the Drata Admin enables Manually via personnel uploading evidence under the company’s Internal Security settings, you can also add manual evidence for each device by selecting the View/Upload Evidence button. Be sure to select the appropriate device tab when viewing or uploading evidence.
If the Drata Agent is enabled, you can install and register it on each device individually. All registered devices will then appear in the Agent section as shown below.
Personnel
The Personnel Page includes a Device Compliance column and Device Compliance filter to help monitor device compliance statuses. If a user has multiple devices, the device compliance column will display the total number of devices assigned to that user.
To view details for a specific person, select the personnel and then a personnel detail drawer will appear. On that drawer, scroll to the Device section. Here, each device will show its overall compliance status, operating system, and unique identifier. Clicking on a device will expand the view to display detailed compliance-related information, and you can also upload manual evidence if needed.
If no devices are registered to a person, the personnel drawer will show a “Manually Configured” device where manual evidence can be uploaded for compliance validation. If multiple unknown devices are present, the user is responsible for uploading evidence for each one.
By selecting “Manage” in the personnel drawer next to the devices, you can access the Assets page filtered by that user’s devices, showing each device as an asset row.
Note: If registered devices don’t appear under the Assets or Personnel tabs:
Verify Device Registration:
Ensure that the device is correctly registered in Drata and matches the employee’s information.
Check Separation Dates:
Separation dates can prevent device syncing for returning personnel. If you're an Admin, remove any outdated separation dates and trigger an MDM sync.
Validate the Update:
After these steps, revisit the "Assets" or "Personnel" tabs to confirm if the device now appears.
Unlinking and Re-linking Devices
Note: For supported MDM systems (excluding Workspace ONE), Drata will automatically unlink devices from personnel whenever they are unlinked or deleted in the source MDM system. This automation streamlines your device management, ensuring records stay accurate and compliant across systems.
You can also unlink a device from a user on the Assets page. Select the asset and within the drawer select Unlink Device. This causes the device to no longer count towards that user’s compliance checks or monitoring tests. This is useful in cases of retired, stolen, or broken devices. When a device is unlinked, it is removed from compliance monitoring and will no longer appear in the list of linked devices. This ensures a clean and accurate inventory while enabling seamless compliance monitoring.
On the Assets page, you also have the option to unlink a device from a user.
To do this, select the asset, and within the drawer, select Unlink Device. This action removes the device from that user’s compliance checks and monitoring, which is useful for devices that are retired, lost, or damaged. Unlinked devices are removed from compliance activities but compliance processes continue with other registered devices. This helps maintain accurate system records and ensures seamless compliance operations.
In case the device was synced through MDM, you will be able to link it back to the user.
Drata will automatically detect if there is a change in device ownership (via Agent/MDM) and link/unlink devices so that only the latest user of a device is responsible for its compliance. If automatic detection fails, verify device registration details and trigger a manual refresh in MDM settings to sync device information accurately. Ensure separation dates are correctly updated to facilitate proper compliance tracking.