Login
    Contents x
    Establishing Compliance Baselines
    • 01 Jun 2023
    • 2 Minutes to read
    • Dark
      Light
    • PDF
    Contents

    Establishing Compliance Baselines

    • Updated on 01 Jun 2023
    • 2 Minutes to read
    • Dark
      Light
    • PDF
    Article Summary

    Regulated industries and government agencies that handle sensitive or classified data are required by their InfoSec teams to harden and secure endpoints as much as possible.

    Other organizations may not need the highest security possible, but may still want to achieve a custom level of security they can track and enforce.

    Staying on top of all the changes and features in every macOS release is cumbersome and time-consuming and may lead to data leaks or exfiltration.

    Various government entities and organizations have provided guidance that details settings/controls that should be reviewed when developing security compliance policies. These are known as security benchmarks. A benchmark is a set of best-practice cybersecurity standards for a range of IT systems and products.

    Your organization may choose to develop its own security benchmark or may be required to adopt one of the well-known security benchmarks or baselines including CIS, NIST 800-53 & 800-171, DISA STIG, CNSSI.

    Jamf Compliance Editor

    Jamf Compliance Editor is a tool that provides macOS system administrators with an easy way to establish and manage compliance baselines on their fleet of macOS devices.

    This tool is built on the foundations of the macOS Security Compliance Project, hosted by the United States government agency, NIST, in their Github repo.

    This application features:

    • Easily selectable benchmark/baselines for customization
    • Support for all variations of benchmark/baselines currently offered by the macOS Security Compliance Project.
    • Support for multiple major macOS versions
    • Modificiation of organization-defined values (ODV) from the core compliance project specifications
    • Local storage of your custom benchmark(s) for editing later
    • An easy-to-use UI that eliminates the need for complicated scripting
    • One-click guidance creation that includes:
      • PDF, Excel, HTML, and Adoc for audit review with option to add branding
      • Shell script (zsh) that can audit and remediate endpoint
      • All configuration profiles needed to be uploaded to MDM server
      • Jamf Pro Extension Attributes that will submit status of benchmark/baseline of macOS endpoints

    Support

    Please note that all resources contained within this page are provided as-is and are not officially supported by Jamf Support. The Jamf Compliance Editor application is a free-to-use Jamf Pro add-on utility.

    User Guide

    See the Jamf Compliance Editor User's Guide for more details.

    Open or Download the PDF file here: Jamf Compliance Editor - User Guide.

    Download

    Jamf Compliance Editor v1.1.5.tar.gz

    This application is signed by JAMF Software (483DWKW443). The SHA256 Checksum is 0bc76d7eb7cae7632ca2bad0e6bb20827b05030349a8e6296b2c258b60f65115. As with any software, do not run if signature validation fails.

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout