What are people using to identify corporate computing assets (laptops, tables, smart phones, etc.) with ISE in addition to valid Active Directory credentials?

I want to be able to distinguish between corporate devices and BYOD beyond just A/D credentials because we have users who have brought their personal devices into our facilities and entered their work A/D credentials on the device to get network access.  I need more than just A/D to identify users and devices.