You asked, we answered: Top 10 questions for our IT experts

Published

May 24, 2024

We recently hosted a webinar highlighting Rippling IT and all the cool ways you can automate time-consuming manual tasks and boost security. Our viewers asked so many great questions during the session that we decided to collect and answer them for you here! 

Scroll down to learn more about Rippling IT, including Device Management (MDM), App Management (IAM), Inventory Management, and endpoint security with SentinelOne.

1. Can we upload our own devices, or do we need to order through Rippling?

There are three basic ways to enroll devices with Rippling Device Management.

  • Add a device using zero-touch deployment: Rippling can automatically enroll devices in MDM and silently install the Rippling Agent, resulting in a zero-touch deployment experience for employees. New devices will enroll with Rippling without employee involvement.
  • Self-enroll a device in MDM: If a device cannot be automatically enrolled, you can enroll it with MDM yourself or ask the device assignee to enroll the device. Once enrolled, the Rippling Agent will install silently. You can even send employees an email invitation with instructions on how to enroll. 
  • Manually install the Rippling agent: Options 1 and 2 are the simplest methods for adding a device to Rippling, and you should be able to use them for most of your devices. But if necessary, you can manually install the Rippling Agent instead.

So, the answer is yes. You can purchase devices outside of Rippling and enroll them in MDM afterward, but you miss out on one of the major benefits of ordering through the Rippling store: the pre-installed Rippling agent. This allows for all policies to be enforced and for the employee to have all the software they need on day one.

2. Do you have an antivirus component? Can you see a list of devices that have antivirus installed?

Yes. Rippling has a deep partnership with SentinelOne—a next-generation endpoint security product that protects computers against all threat vectors and provides fast recovery capabilities for compromised machines from a centralized management console.

You can choose between the Singularity Core or Singularity Complete package. Rippling automatically installs the SentinelOne agent on all devices, lists the AV status for all devices, and provides an integrated threats dashboard, allowing you to remediate processes flagged by SentinelOne directly from the Rippling admin console. 

3. As an IT admin, can I get access to manipulate user and object data in Rippling without accessing sensitive employee data?

Yes. Because Rippling hosts a wide variety of employee data, you may want to give some employees the ability to see or change specific information about other employees across your company to protect sensitive data. Permission profiles determine what administrators can see and do in Rippling. You can automatically assign them to your admins based on their roles and attributes.

Rippling offers advanced role-based access control (RBAC) so different admin roles in your organization can interact with the appropriate types of data. There are dozens of pre-built permission profiles for roles like IT administrators, managers, or insurance brokers. You can also create fully customized permission profiles and scopes to suit the needs of your business and keep sensitive employee data private. 

4. Can you track what is shipped to users so it can be returned when someone leaves?

All orders from the Rippling store or Inventory Management warehouse are tracked in Rippling with a unique order ID. You can see information like who requested the order, to whom the order will be shipped, and the order status.

Rippling’s Inventory Management service facilitates the logistics of retrieving and storing laptops, desktops, and monitors from employees. As part of the offboarding process, Rippling can automatically send the appropriately sized box and shipping materials (shipping label, tape, bubble wrap, etc.) directly to an employee’s home. Rippling also tracks when your employees place the return package in the mail and can notify you if a device has not been returned in a specified period. You can even pay an employee a bonus for returning their device on time!

5. Is it possible to synchronize user data between Rippling and Microsoft Entra ID (Azure AD) to streamline HR and IT operations?

Rippling offers a robust integration with M365/Entra. Rippling can provision new Microsoft accounts for new hires, manage access to Microsoft groups and Security groups, and act as the source of truth for employee attributes like an employee’s department, manager, or custom attributes.

If you use Azure as your identity provider (IdP), you can set up federated authentication so your employees access Rippling securely via single sign-on (SSO) from your IdP using SAML. Rippling can act as the IdP for Microsoft (or any other web application) or the SP if Microsoft is already your IdP. 

6. How robust is Rippling MDM? Does it work with Apple Business Manager?

Rippling is a Mac and Windows MDM that supports a wide range of functionality, including zero-touch deployment, local user account management, software delivery, OS patch management and encryption, and custom policy and command execution.

Rippling directly integrates with Apple Business Manager for ordering and enrollment in DEP or VPP. If you want macOS devices you order through Rippling to automatically enroll with Rippling Device Management upon setup, you must connect an Apple Business Manager (ABM) account to Rippling. Connecting your ABM account also ensures macOS devices that get wiped will be automatically re-enrolled with Rippling.

7. What are Rippling's certifications?

We don’t treat compliance as a box to check off. Instead, we make sure it’s deeply ingrained in everything we do at Rippling. We aim for what we call “meaningful compliance,” security controls that actually impact the safety of our environment and, ultimately, our customers’ data. Because we store and process sensitive data for our customers, we’re responsible for keeping it secure.

We’ve obtained:

  • SOC 1 Type II
  • SOC 2 Type II
  • SOC 3
  • CSA STAR Level 2
  • ISO 27001
  • ISO 27018
  • GDPR
  • CCPA

Access to all audit reports is available upon request. 

8. Can IT admins create workflows and set up approvals?

Yes. Rippling Workflow Studio lets you create customized workflows that automatically take an action when a specific event happens. For example, you can use workflows to create rules for automatically notifying someone, assigning a task, or calling a webhook to take an action in an external application.

Workflow Studio also has hundreds of pre-built recipes to help roles from IT to HR streamline alerts and processes. Admins can create entirely custom workflows to suit their needs. Approvals can be configured in a similar way. For example, an IT admin could configure an approval flow before a new hire gains access to critical applications like Slack and Zoom.

You can leverage hundreds of user and device attributes in these workflows to:

  • Slack an employee’s manager and the IT admin if a device hasn’t installed the latest software updates
  • Alert IT if SentinelOne has detected 3+ threats on a device assigned to an engineer
  • Require approval from IT and finance if a hiring manager orders a device out of budget for a new hire
  • Require approval from IT if a non-engineer new hire requests access to GitHub or AWS 

9. What third-party integrations does Rippling support?

Rippling has 600+ pre-built integrations with web applications ranging from Google and Microsoft to developer tools like GitHub and AWS. These integrations make it possible to automate account provisioning and deprovisioning, manage group memberships, enable SSO, and much more. We also offer a custom application to integrate with any service that supports SAML 2.0 or SCIM, as well as a password manager.

Once you have found the app you want to connect to, open the app in the app shop and connect the account.

  • undefined

10. Does Rippling support YubiKey or passkeys?

Both! You can configure any number of authentication policies that specify the required MFA method for authentication to Rippling or connected applications. Employees can configure a mix of TOTP, passkeys, or security keys to ensure their logins are secure. 

With Rippling's YubiKey Ordering app, you can order YubiKeys directly from Yubico, configure ordering policies for new hires, and manage billing all through Rippling. No need to key in each employee’s home address, handle additional payment flows, and agree to terms with another vendor. As your employee system of record, Rippling can handle it all for you.

The YubiKey Ordering app is available as part of Rippling's App Management package.

IT products natively built just for you

Watch the full webinar recording to see Rippling IT for yourself. And if you’d rather experience Rippling IT live, book a demo.

last edited: May 28, 2024

Author

Marisa Krystian

Senior Content Marketing Manager, IT

Marisa is a content marketer with over ten years of experience, specializing in security and workplace technology—all with a love of black coffee and the Oxford comma.