Evaluating device security posture before granting access. Considers factors like encryption status, patch level, MDM enrollment, and malware protection.