Skip to main content
Multi-Device Support

This article explains how Drata handles multiple Devices per user.

Updated over a month ago

HERE'S WHY

Drata supports tracking multiple devices for each user to ensure that your employees and contractors are working on secure and compliant machines.

BEFORE DIVING IN

  • To use multiple devices with Drata, the devices must be added through Drata Agent or MDM.

  • Mobile devices are not yet supported.

  • Shared/Kiosk devices (devices operated by or for 2 or more people) are not supported.

    • Only ONE person will be responsible for a device’s compliance.

  • For JumpCloud MDM users:

    • If a device has multiple owners, only one person will have the device registered in Drata.

    • The other owners will have a “Manually Configured” device in their personnel details.

  • For users without registered devices:

    • A “Manually Configured” device will display in personnel details.

    • Evidence can be uploaded manually for this device to demonstrate compliance.

HERE'S HOW

The Drata platform can capture data from multiple devices per user via Agent or MDM automatically.

  • For the Agent, all you need to do is to install and register the Drata Agent on each device.

  • For MDM, you need to have all the devices set up in MDM and Drata will bring in the data from all devices within a day after Autopilot completes syncing your MDM data.

Manage your devices in My Drata

If the Drata Admin enables Workstation Configuration Monitoring under the company's Internal Security settings, you can view each of your devices connected to Drata by selecting Configure your devices on the My Drata page.

If the Drata Admin enables Manually via personnel uploading evidence under the company’s Internal Security settings, you can also add manual evidence for each device by selecting the View/Upload Evidence button. Be sure to select the appropriate device tab when viewing or uploading evidence.

If the Drata Agent is enabled, you can install and register it on each device individually. All registered devices will then appear in the Agent section as shown below.

Personnel

The Personnel Page includes a Device Compliance column and Device Compliance filter to help monitor device compliance statuses. If a user has multiple devices, the device compliance column will display the total number of devices assigned to that user.

To view details for a specific person, select the personnel and then a personnel detail drawer will appear. On that drawer, scroll to the Device section. Here, each device will show its overall compliance status, operating system, and unique identifier. Clicking on a device will expand the view to display detailed compliance-related information, and you can also upload manual evidence if needed.

If no devices are registered to a person, the personnel drawer will show a “Manually Configured” device where manual evidence can be uploaded for compliance validation. If multiple unknown devices are present, the user is responsible for uploading evidence for each one.

By selecting “Manage” in the personnel drawer next to the devices, you can access the Assets page filtered by that user’s devices, showing each device as an asset row.

Unlinking and Re-linking Devices

Note: For supported MDM systems (excluding Workspace ONE), Drata will automatically unlink devices from personnel whenever they are unlinked or deleted in the source MDM system. This automation streamlines your device management, ensuring records stay accurate and compliant across systems.

You can also unlink a device from a user on the Assets page. Select the asset and within the drawer select Unlink Device. This causes the device to no longer count towards that user’s compliance checks or monitoring tests. This is useful in cases of retired, stolen, or broken devices.

On the Assets page, you also have the option to unlink a device from a user.

To do this, select the asset, and within the drawer, select Unlink Device. This action removes the device from that user’s compliance checks and monitoring, which is useful for devices that are retired, lost, or damaged.


In case the device was synced through MDM, you will be able to link it back to the user.

Drata will automatically detect if there is a change in device ownership (via Agent/MDM) and link/unlink devices so that only the latest user of a device is responsible for its compliance.

Did this answer your question?