Update our CIS policies to include checks for DDM

[lukeheath]

Problem

Currently our OS updates CIS policies are all checking for the old MDM-configured OS updates. We've removed those and are now depending on DDM for OS updates, but our CIS policies are not checking for DDM.

Potential solutions

Update all OS updates CIS policies to include looking for MDM-configured OS updates OR DDM updates.

What is the expected workflow as a result of your proposal?

[noahtalerman]

Hey @lukeheath, we put this one to the side during today's feature fest.

I wonder if need to take this request through the drafting process. I think folks at Fleet outside of product/eng could take this one. What do you think?

[lukeheath]

@noahtalerman I don't think we need to take it through the drafting process, but I do think we'd need to get someone from eng to take it on.

@sharon-fdm Is this something you have capacity to take on? Lower priority.

[sharon-fdm]

@lukeheath, I need to look into it and understand the work needed.

[sharon-fdm]

@lukeheath, we have around 40 items that use the MDM table. Did we only move the OS update to DDM or other items as well?

A few examples other the OS udpate: Application Updates iCloud Drive storage etc...

@lucasmrod, do we have an osquery table for DDM similar to MDM?

[lukeheath]

We haven't been asked for this so currently a low priority, just didn't want it to get lost.