Knowledge Base Article

Deploying the Device Trust Agent

Objective: Ensure employees can install and use the Device Trust agent and are informed and prepared.

People

☐ Begin employee communications: Start notifying employees about the upcoming rollout approximately 30 days before they will be impacted. Initial communications should explain what Device Trust is, why it’s being implemented, and how it impacts daily work. We recommend using our employee communications templates as a starting point.

Tips:
Emphasize privacy protections, clarifying that Device Trust does not track personal files, browsing history, or location.
Direct employees to the Privacy Center within Device Trust for transparency on data collection and security checks.

☐ Send installation instructions:
When you’re ready to deploy, send clear instructions to employees on how to complete the installation, what to expect (e.g., Kolide icon appearing in the menu bar), and how to use the app to monitor device health. We recommend using our employee communications templates as a starting point. Employees can also learn more about installing the agent here.

☐ Gather early feedback:
Encourage employees to provide feedback on the installation experience.
Use feedback to adjust communications or support resources as needed.

Process

☐ Deploy the Device Trust agent:
Via MDM (recommended): Configure MDM to automatically install the Device Trust / Kolide agent on company-managed devices. This reduces disruption for employees and avoids potential problems. Read more here.

  • NOTE: Ensure your device registration prompts for your end users align with your deployment readiness. If needed, you can contact 1Password Customer Support to enable "Silent Mode" to temporarily hide the Menubar/Taskbar application until users are fully scoped with your supported IdP. This delivers a more seamless experience for end users and should align with your deployment timeline.

☐ Manual installation (if no MDM): Inform employees that they’ll be prompted to install Device Trust when they log in to a protected app and instruct them to install it on their primary work device first. Read more here.

☐ Monitor installation progress:
Track the completion rate of installations to identify users who may need additional support or reminders. Click the People tab and select ‘Registration - Has No Devices’ filter.

  • NOTE: When rolling out the Kolide agent via MDM, note that devices will initially appear under Devices > Unregistered until the user signs into a Kolide-protected application. This ensures devices are properly linked during the registration process.

For organizations with MDM, verify that installations are correctly applied across all managed devices. Review the Device Registration and Device MDM options under Admin Settings.

Published 3 months ago
No CommentsBe the first to comment
Related articles

Trusted Browser (Windows)

Solved
It's been a year since Trusted Browsers was released to just MacOS. There has been no further updates to bringing this feature to other Operating Systems. I understand that your priorities are with M...
Password Manager
8 months ago
147Views
1like
2Comments

Device Trust webinar and Q&A

Hello 1Password Community, If it isn’t on your calendar yet, there’s still time to register for our Thursday webinar How 1Password secures managed and unmanaged devices to learn how 1Password Devic...
Lounge
4 months ago
58Views
2likes
0Comments