These days, implementing a minimum level of security protections on your organization-owned devices is expected by your customers, suppliers, and employees. Whether you leverage an outsourced IT group (such as an MSP or MSSP) or have an internal team, best practices around endpoint security should be taken seriously. The challenge is that many organizations don't know where to start, and their MDM/EMM solution (if they have one) only covers a few basic settings, which simply won't cut it. Luckily, The Center for Internet Security (CIS) is an excellent starting point, and by many is considered the 'Gold Standard' of IT security and compliance. They have a global community of cyber security experts, and have published 100+ configuration guidelines for various technology groups to safeguard systems against today's evolving cyber threats.

Today, almost every business can benefit significantly by utilizing a Device Management system. MDM (Mobile Device Management) and EMM (Enterprise Mobility Management) systems can simplify the process of deploying and maintaining your fleet of devices.

We're excited to preview our next flagship feature: Application Blacklisting. With Application Blacklisting, you'll be able to specify which Applications are not allowed to run on your enrolled Macs. We make it easy to block unwanted macOS applications, by displaying a list of all applications running on each Mac within our Web App.

 What does it mean to make the Macs in your organization 'compliant'? Well, oftentimes that depends on your vertical, customers, product, and even people.

While some organizations must comply with only internal standards developed by IT and/or Security departments, many organizations struggle to meet additional standards or frameworks, such as CIS, NIST, HIPAA, and FedRAMP.

The sad truth is that knowing how to become (and stay) compliant isn't easy. Let's take a look at some of the most common standards as they relate to macOS.

At the heart of Kandji are Parameters: The individual policies that are available to secure your businesses Macs. Parameters are pre-coded and validated with each update of macOS. Kandji currently offers over 130 Parameters to choose in its ever-growing library. The library has been built specifically for companies who need to be compliant with standards like CIS, HIPAA, and NIST.

Some Parameters are as simple as turning on a light switch, for example, Enabling Firewall. More advanced parameters easily allow you to set custom variables, for instance, Manage the number of permitted Firewall rules.

Introduction

Just under a decade ago, we started an MSP that focused on helping companies use Macs. The percentage of Macs used in businesses around the world continually grew year over year, and still shows no sign of stopping. This growth helped us become experts on the tools needed to keep Macs in the workplace running successfully. We built an expert team of IT engineers and consultants, with specialities in a wide range of highly-technical areas, all focused on providing Apple-based businesses with the best-in-class IT stack possible.

As Mac focused IT experts, we found no solutions for companies trying to comply with NIST, CIS, or even internal standards. Companies were forced to write their own custom code for each policy, maintain and deploy it manually, or hope they don't get audited.