Comment by djhn
16 hours ago
If it’s not essentially BYOD and you’re provisioning and monitoring security somehow, would you happen to have any quick tips for hassle-free linux MDM? I’m looking for something appropriate for a similar sized microenterprise.
I can share what we do, it might not suit everyone though. We manage the devices through ansible-pull, and we have a small Prometheus metrics exporter on the devices for what I think is good to monitor. Then we have a grafana dashboard, alerts and so on. This suits us because we can manage the servers as well as the devices with ansible. Most users don't have root. If anyone needs help, the person needs to be in the wireguard vpn and the someone helping can ssh into the machine.
There's also fleetdm, which we are not using, but might be something you want to consider
Thanks, your setup is probably closer to what I'm looking for than fleetdm.