Insight Management

The Insights page allows you to view and filter insights by category, CIS level, and status (enabled or disabled). Each insight also contains a bar graph that shows the overall compliance status for computers in your organization.

Insight Categories

  • Authorization

    Monitors macOS settings related to passwords, keychain, and authentication

  • Updates

    Monitors software and application update settings to ensure the most recent versions are installed

  • Users

    Monitors the settings and usage of the login window and guest accounts.

  • Preferences

    Monitors macOS System Preferences to ensure common data sharing and settings are disabled

  • Networking

    Monitors Wi-Fi and server settings

  • Auditing

    Monitors security audit settings to ensure they are enabled

  • Jamf

    Monitors macOS security tool updates and miscellaneous security recommendations from Jamf.

To learn more about an insight, you can click it to view a description and a list of status updates from computers for the insight.

CIS Benchmark Levels

Insights that correlate to the Center for Internet Security (CIS) benchmarks for macOS are tagged and categorized into two levels:

  • CIS Level 1

    Security benchmarks that are practical and not detrimental to a computer's performance or user experience.

  • CIS Level 2

    Includes all level 1 benchmarks in addition to advanced benchmarks that may impact computer performance and user experience.

Unsupported CIS Benchmarks

Insights for the following CIS benchmarks are not included in Jamf Protect:

  • iCloud Document Sync

  • iCloud Desktop Sync

  • Secure Home Folders

  • Check System Wide Applications for Appropriate Permissions

  • Check System Folder for World Writable Files

  • Check Library Folder for World Writable Files

Jamf Insights

Insights with the Jamf tag include security recommendations from Jamf and provide additional visibility into macOS security.

Current Jamf insights include the following:

  • Malware Removal Tool daemon (MRTd service) is running

  • Malware Removal Tool definitions are up to date

  • XProtect Signature definitions are up to date

  • Airdrop is Disabled

Enabling Insights

Individual insights must be enabled on the Insights page.

  1. In Jamf Protect, click Insights in the sidebar.
  2. Review available insights and enable or disable them to meet your organization's needs. By default, all insights are enabled.
    Note:
    • You cannot change which individual insights are enabled or disabled on a per plan basis.

    • Data from disabled insights are still collected during each check-in but is not displayed in the Jamf Protect web app.

  3. Click Save.

Enabled insights will now be monitored on computers with insights-enabled plans.