Improvements to Device Deduplication & Deletion

Last week, Kolide rolled out several changes to our deduplication logic. This logic is how our platform decides if incoming device data belongs to existing device record, or, should constitute the enrollment of a new device.

Our original deduplication logic focused on making a best effort at combining devices into a single record whenever possible. We’ve since discovered that not only is this aggressive deduplication logic unnecessary, it can actually cause issues in a variety of common scenarios such as:

• New hardware that was set up using Mac’s Migration Assistant
• Previously enrolled devices that have since been reformatted and provisioned to new employees
• Unique Virtual Machines built from a snapshot from a previously enrolled VM

Kolide’s new deduplication logic now handles all of the above scenarios correctly by generating a new device record in every instance. If you’ve noticed a few more devices than you are used to, it’s likely because several devices were silently afflicted by one of the situations mentioned earlier.

In line with these changes, the tombstone created when a device is removed from Kolide, will now only prevent the re-enrollment of that specific agent installation. This change should eliminate confusion for new employees when re-enrolling re-imaged devices that were previously deleted in K2.

We believe these changes will dramatically improve your experience using Kolide and appreciate all the feedback and technical details you’ve shared with us that allowed us to improve this logic.

If you notice any irregularities or have questions about this change, please reach out via the Intercom widget or support@kolide.com.