Jamf Protect provides highly effective telemetry to guard Mac enterprise
Jamf Protect (first launched in 2019) now gives wealthy endpoint telemetry information assortment, together with a brand new offline deployment mode.
Security and privateness go hand in hand within the related enterprise. So as we strategy the vacation break, there’s excellent news for security-conscious Mac-using enterprises from Jamf: highly effective new telemetry instruments in Jamf Protect.
Because advanced safety is horny
We know that enterprise customers don’t simply have a accountability to maintain issues safe, additionally they must show they’re doing so. Beyond that, many regulated industries should preserve ever extra advanced safety occasion logging and perception to indicate how arduous they’re working to guard their methods.
Announced in September and made out there in an replace this week, Jamf Protect (first launched in 2019) now gives wealthy endpoint telemetry information assortment together with a brand new offline deployment mode that streams telemetry information on to a SIEM (Security info and Event Management console) for companies that should meet excessive compliance necessities.
The thought is to “empower security teams with the rich audit telemetry they require, while adhering to the strictest data-handling requirements for organizations with high-compliance needs,” mentioned Michael Covington, Jamf’s vice chairman of portfolio technique. His firm lately acquired telemetry information safety agency Zecops.
What this implies to the enterprise
The firm says the replace means its safety software program now meets the necessities of President Biden’s Executive Order 14028 enhancing the nation’s cybersecurity.
Among different issues, this in depth 44-page doc mandates minimal safety targets that have to be met throughout the federal authorities, together with logging, log retention, and log administration. The objective is to harden nationwide safety at each attainable stage.
The newest replace to Jamf Protect brings the software program into line with these necessities, so enterprise Macs can meet the excessive calls for of compliance. That means it gathers the type of information required for stringent incident investigation, together with instruments to seize endpoint telemetry, and stream that information to customer-owned information repositories and SIEMs. This isn’t a brand new functionality — it was included within the firm’s compliance reporting instrument, and is now out there to all Jamf Protect prospects.
What information is collected?
The telemetry information is essential. (Jamf maintains that whereas it’s gathered, private information just isn’t.) It contains system information, menace detection logs, and community visitors particulars.
This type of information is meat and drink to safety professionals because it helps them determine threats, monitor them, and hunt them down.
Threat hunters will have the ability to analyze macOS exercise logs in close to real-time utilizing a single endpoint agent. That’s essential, as particularly within the occasion of serious assaults on firm methods, skilled safety operatives will look to such telemetry earlier than locking down towards the assault. Attacks do not all the time function at one stage, so it’s smart to verify for any related exercise earlier than locking down. The most subtle attackers construct in background assaults to complement the primary thrust.
That’s the type of exercise subtle telemetry can generally assist reveal.
Jamf Protect additionally good points a brand new offline deployment mode for patrons with excessive compliance necessities.
The actual social community
While Apple continues to enhance safety throughout all its merchandise on a platform stage, there are all the time some sections of its person base who require options extra targeted on particular wants.
This, after all, is what your complete Apple-in-the-enterprise third-party ecosystem seeks to serve. “At Jamf, our mission is to bridge the gap between what Apple provides and what the enterprise requires,” mentioned Covington. The nature of partnership and mutual help is, after all, the actual social community. Beware imitations.
In this case, Apple and its companions are elevating the partitions to guard the ecosystem – one thing that is occurring on each platform now. You in all probability must vet your personal safety methods, too.
Please comply with me on Mastodon, or be part of me within the AppleHolic’s bar & grill and Apple Discussions teams on MeWe.