Kandji has introduced Prism, a new compliance reporting tool that provides Apple administrators with insights into key information in one place concerning their entire fleet. This should help IT staffers monitor policy compliance, investigate incidents, and identify problems across managed endpoints, soon to include Vision Pro.
Weldon Dodd, senior vice president of community at Kandji, told me: “Michael Palmer expanded on Clive Humby’s famous quote that ‘data is the new oil’ by explaining that, while useful in its raw state, data must be refined to become really valuable.
“Data about endpoint devices is an incredibly rich resource for device management, troubleshooting, and productivity improvements and is critical to establishing a comprehensive security posture in today’s remote/hybrid/work-from-anywhere environment,” Dodd said.
Access all endpoints
Previously, users have been able to see details about individual devices in the Kandji console; now they can see all that data in one page. Being able to swiftly review such information fast is gold dust to IT and security teams, as it gives them actionable insights that can help prevent or respond to problems in those fleets.
“Prism’s streamlined reporting puts critical information at the fingertips of IT administrators with only a few clicks, allowing them to keep their fleet — and their workforce — operating securely and productively,” said Dodd.
What categories of device data can be reviewed?
The following information is available:
- Activation lock details and status.
- State of the built-in macOS application firewall.
- Application inventory.
- Desktop and screensaver configuration.
- General information about enrolled devices.
- FileVault status on macOS devices.
- The version and status of Gatekeeper and XProtect on Macs.
- All profiles installed on all devices, including those not installed by Kandji.
- All installed extensions and their status.
- All installed launch Agents and Daemons on a device.
- Local Users.
- Startup Settings.
- System Extensions.
- All Transparency, Consent, and Control/Privacy Preferences Policy Control (TCC/PPPC) exceptions.
This information is searchable as well, so users can drill down to identify all devices using specific apps, or versions of those apps, or any device running extensions that have not been approved by IT. Reports can be exported in CSV format and provided automatically.
Why does reporting matter?
In unveiling Prism, Kandji pointed to its most recent report on Apple in the enterprise. A second report suggested that those organizations that lack good visibility into their IT assets experience 3.3 times more incidents than those who do.
As I keep hearing from so many in the sector, Apple use is rapidly growing in the enterprise. As business turns to Apple, enterprise tech is accelerating its use of device management solutions, creating opportunity for vendors in the space such as Jamf, Addigy, Hexnode, JumpCloud, and Kandji.
There’s plenty of soil still to till — one piece of research claimed as many as half the businesses in some sectors don’t yet use device management solutions to protect their growing Apple fleets, which means there’s still business to be generated.
Of course, as the MDM APIs Apple provides to device management vendors iteratively improve every year, the reasons not to use MDM continue to shrink, particularly in regulated industries. Compliance isn’t a nice-to-have, after all; for some businesses it is a legal requirement.
The other component to Apple’s secret enterprise sauce is that the company continues work to win over Windows admins.
“Apple is actively working to win over remaining admins from Windows,” an industry insider recently said. “The enhancements and simplifications they’re making not only improve device management but also motivate admins to choose Apple now and in the future.”
The growing maturity of Apple enterprise services and support industries means the features IT enjoys on the platform also continue to improve.