Jamf Protect (first introduced in 2019) now offers rich endpoint telemetry data collection, along with a new offline deployment mode. Security and privacy go hand in hand in the connected enterprise. So as we approach the holiday break, there’s good news for security-conscious Mac-using enterprises from Jamf: powerful new telemetry tools in Jamf Protect. Because complex security is sexy We know that enterprise users don’t just have a responsibility to keep things secure, they also need to prove they’re doing so. Beyond that, many regulated industries must maintain ever more complex security event logging and insight to show how hard they’re working to protect their systems. Announced in September and made available in an update this week, Jamf Protect (first introduced in 2019) now offers rich endpoint telemetry data collection along with a new offline deployment mode that streams telemetry data directly to a SIEM (Security information and Event Management console) for businesses that must meet high compliance requirements. The idea is to “empower security teams with the rich audit telemetry they require, while adhering to the strictest data-handling requirements for organizations with high-compliance needs,” said Michael Covington, Jamf’s vice president of portfolio strategy. His company recently acquired telemetry data security firm Zecops. What this means to the enterprise The company says the update means its protection software now meets the requirements of President Biden’s Executive Order 14028 improving the nation’s cybersecurity. Among other things, this extensive 44-page document mandates minimum security goals that must be met across the federal government, including logging, log retention, and log management. The goal is to harden national security at every possible level. The latest update to Jamf Protect brings the software into line with these requirements, so enterprise Macs can meet the high demands of compliance. That means it gathers the kind of data required for stringent incident investigation, including tools to capture endpoint telemetry, and stream that data to customer-owned data repositories and SIEMs. This isn’t a new capability — it was included in the company’s compliance reporting tool, and is now available to all Jamf Protect customers. What data is collected? The telemetry data is important. (Jamf maintains that while it is gathered, personal data is not.) It includes system data, threat detection logs, and network traffic details. This kind of data is meat and drink to security professionals as it helps them identify threats, monitor them, and hunt them down. Threat hunters will be able to analyze macOS activity logs in near real-time using a single endpoint agent. That’s important, as especially in the event of significant attacks on company systems, professional security operatives will look to such telemetry before locking down against the attack. Attacks don’t always operate at one level, so it’s sensible to check for any associated activity before locking down. The most sophisticated attackers build in background attacks to supplement the main thrust. That’s the kind of activity sophisticated telemetry can sometimes help reveal. Jamf Protect also gains a new offline deployment mode for customers with high compliance requirements. The real social network While Apple continues to improve security across all its products on a platform level, there are always some sections of its user base who require solutions more focused on specific needs. This, of course, is what the entire Apple-in-the-enterprise third-party ecosystem seeks to serve. “At Jamf, our mission is to bridge the gap between what Apple provides and what the enterprise requires,” said Covington. The nature of partnership and mutual support is, of course, the real social network. Beware imitations. In this case, Apple and its partners are raising the walls to protect the ecosystem – something that’s happening on every platform now. You probably need to vet your own security systems, too. Please follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe. Related content news analysis Apple earnings: About that iPhone 'slump' in China Based on information from Thursday's earnings report, it seems that data pointing to an iPhone slump in China were over-baked. By Jonny Evans May 03, 2024 9 mins iMac iPhone Apple news analysis Apple confirms it will open up the iPad in Europe this fall The latest efforts to comply with Europe’s Digital Markets Act mean developers can offer to side load apps to both iPhones and iPads in the EU. Apple has also taken steps to improve what it offers to smaller and non-commercial developers in the By Jonny Evans May 02, 2024 6 mins iPad Apple Mobile Apps news Mosyle and Fleet bring new device management options to Apple enterprise Apple's growing enterprise market share is generating tons of opportunity for the company's partners in the device management market. Their approaches reflect the diversity of use. By Jonny Evans May 01, 2024 4 mins Apple Mobile Device Management Mobile Security feature Apple is intensely focused on its global AI efforts When the ship that is Apple moves in any direction, you can always count on careless whispers to expose the destination. From research labs to sophisticated AI models and Apple Silicon for server farms, here's what we've learned in just one By Jonny Evans Apr 30, 2024 6 mins Apple Artificial Intelligence Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe