The real problem for Stephen Malone—Built’s IT infrastructure manager—was that managing and securing his fleet of Apple devices required a stack of tools. For example, he had one for deploying software, one for updating it, and yet another for notifying the users about those updates. Enforcing security settings required another tool altogether.
“It was complete disarray,” says Malone.
"We had all these tools. None of them was easy to use, and none provided comprehensive support, so troubleshooting was difficult. The device-management solution we had in place was geared to Windows—it technically supported Mac but didn’t do so reliably."
Furthermore, its custom scripting feature was neither intuitive nor easy to roll out, and there wasn’t much in the way of connecting things via API.
Stephen MaloneIT Infrastructure Manager“Getting ready for a SOC audit meant cleaning up and compiling reports from multiple systems, which would force all other projects to grind to a halt.”
The result was that tasks that should be set-it-and-forget-it took up scarce admin time. Even things that could be automated required extensive setup, monitoring, and intervention to make sure they were working correctly.
For example, if the patch management system alerted him that updates weren’t going out, he’d have to sign in to the system, filter to find the computers that weren’t updating, and attempt to push updates. He had no simple way to notify users about what was happening or give them a time frame for enforcement.
This setup was especially difficult to navigate when it came time for audits. “Getting ready for a SOC audit meant cleaning up and compiling reports from multiple systems, which would force all other projects to grind to a halt.”
Kandji enabled Malone to consolidate device management, software patching, and device hardening into one system. He could let users do everything they needed on their devices, while still achieving the tough security standards he needed to meet. “When I saw the demo, a light went on: I can replace five or six tools with this one—and save money.”
Kandji breezed through Built’s extensive procurement process, fully vetted by security and legal. “When our security team saw it, they immediately saw its value.”
“When I saw the demo, a light went on: I can replace five or six tools with this one—and save money.”
Kandji’s automation-driven approach meant that patching software, notifying users, and continuously enforcing security settings were all put on autopilot.
That freed up Stephen’s team to address a more strategic goal: an approach to endpoint security that balanced end-user convenience and protection. They didn’t want just to lock down machines. “It was about having holistic endpoint security while maintaining device functionality.”
Before Kandji, that required multiple tools and scripts running on individual machines; now it was all managed centrally. Kandji’s Self Service software meant they could keep users out of the Apple App Store while still giving them the flexibility to install the sanctioned tools they needed.
“It’s almost incalculable how much time Kandji has saved us,” Malone says.