New product series: Getting to know Compliance Reporter

Gain real-time visibility into your Mac endpoints: from critical processes, network, system and user activity – gather reports of valuable compliance status data to audit security settings, validate system integrity and plan actionable, data-driven remediation workflows to meet complex compliance requirements of regulated industries.

February 8 2022 by

Jesus Vigo

Healthcare, Finance, Legal, Education and Government. What do these industries have in common? Well, when it comes to managing their IT infrastructure, the common thread is: regulation.

Each of them houses unknown numbers of businesses under their collective umbrella. Each entity is subject to regulatory controls, limitations and requirements as to how data is collected, stored, managed, accessed, disseminated and disposed of. Furthermore, each industry in most cases has its own regulatory body with its own set of needs that each organization must adhere to.

And no, the fun doesn’t stop there! Each country, territory, or region that an organization operates in may be subject to the unique (and often differing) regulations imposed by the respective locale’s regulatory bodies. If you’re a business operating within the borders of regulation, you’ll want to make certain that you’re coloring within the lines of each of these requirements lest you be found in violation of these regulations, to which there are very severe civil and/or criminal penalties to be imposed.

So, how are organizations expected to remain compliant while utilizing on/off-premises solutions and perform business operations locally and/or remotely using Mac?

Enter Compliance Reporter from Jamf, the security monitoring tools exclusively designed for macOS, which streams data in real-time, centrally collecting it within Security Information and Event Management (SIEM) solutions, collected logs or data lakes, allowing IT & Security teams to perform analysis that identifies security threats that pose risks of compliance exceptions. Armed with this valuable data, compliance levels can be measured and proactive workflows may be executed to ensure endpoints remain compliant and/or non-compliant devices are remediated, bringing them back into the fold before threats can be exploited.

“Come on, feel the noize”

Okay, so maybe extra noise isn’t generally helpful, but in this case, the “additional noise” generated refers to the amount of data that is being collected on endpoint health statuses for all devices in your fleet. Having this data is incredibly useful, especially when centrally managing it through a SIEM which can sort and collate it into reports that provide IT and Security teams with a wealth of granular insight into where compliance currently stands – and further helps them to identify where opportunities exist to remediate issues and/or develop actionable plans based upon data findings when moving forward in complying with regulations.

“I am unable to comply”

What happens when endpoints fall out of compliance? Is it game over and the organization must start anew? Not necessarily. Technology is everchanging, meaning that it won’t be surprising to have devices needing a little TLC from time to time to maintain compliance.

The idea behind Compliance Reporter isn’t to always be on the right side of compliance or else you’ll be penalized, per se. The concept is to have your finger on the pulse of the endpoints in service, understand where they stand at any given time and be aware of any changes that impact compliance, offering the ability to mitigate this before it leads to a violation, exploit, or worse.

“Joo joo eyeball”

The collection of data from endpoints – especially when considering fleets of hundreds or thousands of devices should not be taken lightly. Compliance Reporter has the capability of collecting a great many details about a device, leading to high volume logs that can easily overwhelm an admin reviewing them for pain points.

Again, the aim here is not to focus on all-or-nothing scenarios, but rather to be more surgical or deliberate in the types of data collected based on the needs of the organization and the regulatory requirements they need to adhere to. As the great Gong Fu Master Bruce Lee would often say, “Absorb what is useful, reject what is useless.” The quote reflects an anecdote in this case about configuring Compliance Reporter to record data on what is necessary for your organization and compliance needs, while filtering out what may be unnecessary or simply put: useless toward achieving your goal of compliance.

“All in together now”

Pairing Compliance Reporter is made possible through useful integration functionality that is present within the app. When speaking of integration, it is important to note that this holds several meanings – all of which are useful and will play a significant role in achieving your organizational compliance needs.

  • Regulatory Compliance: Provides out-of-the-box support for collecting all relevant data from macOS endpoints. To that end, compliance and auditing requirements are met and exceeded for popular frameworks, such as NIST 800-53, NIST 800-171 and DISA STIG, to not only adapt to, but also extend the device hardening standards outlined in the macOS Security Compliance Project, as well as recommended by Apple.
  • Streaming Compliance and Audit Data: Gain visibility in your macOS endpoint fleet by collecting activity and compliance setting data, streaming it to your SIEM solution or other data analysis tools in real-time for an up-to-date, deep look into the health status of your devices while minimizing non-compliance exposure.
  • Aligned with Apple: Designed to preserve the user experience on your Mac fleet by leveraging Apple’s security model to collect macOS auditing and compliance data, in accordance with Apple privacy standards, in highly regulated environments.
  • Part of the Jamf family: Leveraging the data gathered to identify endpoints in real-time that deviate from security standards, benchmarks and baselines, admins can implement automated workflows within Jamf Pro to not only manage devices but also remediate endpoints, ensuring compliance is maintained across the entire fleet.

Why wait until a data breach identifies device(s) that are out of compliance?

Jamf Compliance Reporter provides insight into the compliance status of your macOS fleet in real-time, allowing IT to remediate proactively, bringing endpoints into compliance.

Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.

Tags: