Scale your security
Secure every device effortlessly while ensuring compliance and growth.
Cover every gap
Gain visibility into devices and close security gaps before they become threats.
Protect Freelance & BYOD devices
Enable secure access for personal and external devices without adding complexity.
Device Security with XFA
Learn how XFA solves your device security issues.
Discovery
Gain visibility into all devices accessing your business platforms.
Awareness
Keep your team informed with real-time security alerts and insights.
Enforce
Ensure only compliant devices access your business data securely.
Download The Modern Device Security Guide
Curious what really works in device security?
XFA vs Iru (formerly Kandji)
Comparing cross-platform device management and security with privacy-first device security for BYOD and unmanaged devices
What is XFA?
XFA is the device security solution that knows about every device used for work, informs users about security risks, and verifies compliance with security policies at login — all without invasive control or centralized device management. XFA is built for modern organizations that support BYOD, contractors, and distributed teams, and need device trust without owning or managing devices.
What is Iru (formerly Kandji)?
Iru, formerly known as Kandji, is a cross-platform device management and security solution. It provides MDM capabilities for macOS, iOS, Windows, and Android, allowing IT teams to configure, secure, and manage company-owned devices. Iru requires device enrollment and agent installation to enforce policies and manage configurations.
Why choose XFA over Iru?
XFA secures devices without device management
Iru is built around device management — enrolling devices, pushing configurations, and maintaining control over device settings. XFA takes a different approach by verifying device security at access time without managing or controlling the device. This makes XFA ideal for organizations that need device security without the overhead of device management.
XFA is purpose-built for BYOD and contractor devices
Iru is designed primarily for company-owned devices that can be fully enrolled and managed. XFA is built specifically for personal devices, freelancers, and contractors who cannot or will not accept MDM enrollment on their devices. XFA enforces security requirements at login without requiring device ownership or administrative control.
XFA is privacy-first by design
Iru has visibility into device configurations, installed applications, and user activity through its management capabilities. XFA limits data collection to security-relevant signals checked at login. This privacy-first approach makes XFA more acceptable to users who are protective of their personal devices.
XFA notifies users before enforcement
XFA proactively informs users when their device does not meet security requirements and provides clear guidance on how to resolve issues. Users are given time to make changes before access is restricted. Iru enforces policies directly on managed devices, which can result in configuration changes or restrictions without the same level of advance user notification.
XFA provides access-based security rather than always-on management
Iru maintains continuous management of enrolled devices, enforcing policies and configurations at all times. XFA verifies device security only at access time, allowing users full control of their devices outside of work applications. This access-based model is better suited for modern flexible work environments.
XFA works with any identity provider
XFA integrates seamlessly with Microsoft Entra, Okta, Google, and other identity providers, allowing organizations to enforce device security policies regardless of their identity stack. This flexibility makes XFA easy to adopt alongside existing authentication infrastructure without replacing or restructuring identity systems.
Want to see how XFA fits your business?
Let's talk.
