Jamf Protect adds powerful telemetry to protect the Mac enterprise | Jobs Vox


Security and privacy go hand in hand in a connected enterprise. So as we approach the holiday break, there’s good news from Jamf for security-minded Mac-using enterprises: powerful new telemetry tools in Jamf Protect.

Because complex security is sexual

We know that enterprise users not only have a responsibility to stay secure, they also have to prove that they do. In addition, many regulated industries must maintain records and visibility into more complex security measures to demonstrate how hard they are working to protect their systems.

Announced in September and made available this week with an update, Jamf Protect (first introduced in 2019) now offers rich endpoint telemetry data collection along with a new offline deployment mode that streams telemetry data directly to a SIEM (Security Information and Event Management Console). For businesses that must meet high compliance requirements.

The idea is to “empower security teams with the rich audit telemetry they need while meeting the strict data handling requirements of organizations with high compliance needs,” said Michael Covington, vice president of portfolio strategy at Jamf. His company recently acquired telemetry data security firm Zecops.

What does this mean for the enterprise?

The company says the update means its security software now meets the requirements of President Biden’s Executive Order 14028, which improves the nation’s cybersecurity.

Among other things, this extensive 44-page document mandates minimum security goals that must be met across the federal government, including tree accounting, log keeping, and log management. The goal is to strengthen national security at all possible levels.

The latest update to Jamf Protect aligns the software with these requirements, so enterprise Macs can meet high compliance requirements. This means it collects the type of data required for rigorous incident investigation, including tools to capture endpoint telemetry and transmit that data to customer-owned data warehouses and SIEMs. This isn’t a new feature – it’s been incorporated into the company’s compliance reporting tool and is now available to all Jamf Protect customers.

What data is collected?

Telemetry data is important. (Jamf claims that while it collects no personal data.) It includes system data, threat detection logs, and network traffic details.

This type of data is meat and drink for security professionals, as it helps them identify, monitor and hunt down threats.

Threat hunters will be able to analyze macOS activity logs in near real-time using a single endpoint agent. This is important because especially in the case of significant attacks on company systems, professional security operators will look at such telemetry before locking down against the attack. Attacks don’t always work at one level, so it’s wise to check for any related activity before locking. The most sophisticated attackers create background attacks to complement the main force.

Sophisticated telemetry can help you detect this kind of activity.

Jamf Protect also gains a new offline deployment mode for users with high compliance requirements.

A real social network

While Apple continues to improve security across all of its products at the platform level, there are always some sections of its customer base that require solutions that are more focused on specific needs.

This, of course, is what the third-party ecosystem across the entire Apple enterprise serves. “At Jamf, our mission is to bridge the gap between what Apple offers and what the enterprise demands,” said Covington. The nature of partnership and mutual support is, of course, a real social network. Beware of imitations.

In this case, Apple and its partners are raising walls to protect the ecosystem – which is now happening on all platforms. You may also need to check your own security systems.

Please follow me on Mastodon or join me at AppleHolic Bar and Grill and Apple discussions Groups on MeWe.

Copyright © 2022 IDG Communications, Inc.


Source link

Implement tags. Simulate a mobile device using Chrome Dev Tools Device Mode. Scroll page to activate.