Hello,
Is there a way in the tenant to identify on how a user has been enrolled (UPN vs IdP)? In preparation for mitigating Netskope’s enrolment vulnerability, we need to find a way to identify users/devices that are affected as they have been enrolled using UPN mode (we starting with UPN and switched to IdP for new subsidiaries). In addition, this might be a way to identify devices that should not be there (aka exploited the vulnerability).
Thank you!
Regards,
Nadja
Hey
Currently there is no way to tell whether a user was enrolled via UPN or via IDP. To identify any users/devices which may have been affected, we recommend checking whether the devices which are showing up in your tenant actually belong to those users or to your organization. We have an advanced analytics which can support this type of analysis, or you can choose to export the device list from the tenant in Settings > Security Cloud Platform > Devices > Export and cross-check that list with an IT asset inventory list or user-device mappings. We strongly recommend leveraging Device Classification, and taking a deeper look at devices which appear as unmanaged.
Regards,
Sean
If you haven't already registered, now is a good time to do so. After you register, you can post to the community, receive email notifications, and lots more. It's quick and it's free! Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
