Fleet, an open-source endpoint security company, recently extended its offerings with osquery script execution of managed devices. CEO Mike McNeil talked about what this means. Credit: Arlington Research The continued evolution Apple is experiencing within the enterprise is real. Because that’s the case, the growing ecosystem now encompasses numerous alternative approaches to enterprise device security and management. With that in mind, I spoke recently with Mike McNeil, CEO of Fleet, an open-source endpoint security company that recently added support of osquery for script execution of managed devices for its business clients. Open-source for the Mac enterprise The advantage of this is it lets admins who cannot administer their Macs via conventional mobile device management platforms a way to accomplish tasks such as remote lock/wipe or executing remote “raw” MDM commands. (Regular readers might recall we spoke with Fleet last spring, when the company had just introduced its own cross-platform, open-source take on device management. That’s when we also learned that Fleet’s co-founder, Zach Wasserman, was also a co-creator of osquery, which provides some synchronicity to the company’s latest move. What is Fleet? Fleet is built with an open architecture and embraces GitOps, allowing IT departments to approve script changes and execute them on demand. This approach means enterprise security teams can run pre-approved scripts via a simple REST API, which provides some opportunities for flexible device management. While this won’t fit every enterprise, Fleet believes the open-source nature of what it does provide gives business owners a flexible solution with which to manage and protect their hybrid IT operations. What it provides: from read-only to script execution “The most significant advantage for Mac Admins with Fleet’s remote script execution capabilities comes to admins who cannot administer their macOS devices via Mobile Device Management (MDM),” said Wasserman. “Fleet allows you to escalate from a read-only system to a script execution system, allowing for not just monitoring but remediation as well. Previously, this was possible only for users with control over the device via MDM.” Wasserman also explained that the system delivers granular access to infrastructure that’s difficult to achieve using other systems. For customers, “being able to be more exact allows them to go to these teams less, which saves everybody time,” he said. The beauty of an open-source approach is that this kind of information might be easier to find, at least for some users in some scenarios. Build out better It also limits the tendency to keep throwing software at problems. He cited a customer, who said: “Half the problem is that our executives just keep buying things and tacking on new tools. IT and security budgets fluctuate with the trends, and right now we don’t have much extra cash to play with, even if buying something was the answer.” It makes more sense, he thinks, to use an architecture that can be more easily extended to handle new challenges, rather than end up with multiple applications running alongside each other to achieve different things — particularly when these applications often do similar things. This may generate scenarios in which an admin might have security tools, “but they don’t tell me who (which user) the device is checked out to, so I have to go to my inventory management for that information. Then, I have four other pieces of software to gather information about my endpoints, and I even have spreadsheets from 10 years ago. All these things get slapped together in the moment, and none of them communicate with each other. But the higher-ups do not understand the technical debt or the importance of intentionally streamlining the tools for us to work effectively.” Better is not necessarily better than best “Juggling diverse platforms will often lead to adopting more vendors, which translates to higher costs and reduced efficiency due to the need for additional personnel with unique skill sets that translate poorly from one platform to the next,” he said. “There’s no one-size-fits-all solution to this complex situation, no ‘easy button’ or single vendor that can solve these problems effortlessly.” That’s why Wasserman thinks his offering, “gives you the flexibility and freedom to adapt and grow without being locked into proprietary solutions.” There are larger enterprises that develop their own in-house options for device management and security. Fleet should help make that tactic available to a wider congregation of businesses that don’t have the budget to reinvent the wheel. It might be of particular use for admins managing complex platform infrastructure. Meanwhile, existing MDM and security environments such as Jamf, Mosyle, Addigy, Kandji, and others provide solid, tested solutions designed to support the transformation of enterprise IT. The times continue a-changing If you look back across the decade leading to today, it is clear that rapid growth in the number of vendors offering Apple focused software and services represents a burgeoning sector of the tech industry. It’s a sector on a mission to promote continued change in the traditional shape of enterprise IT, even as the next phase of generative AI prepares to transform the environment all over again. Follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe. Related content news analysis 3+ reasons Apple might want to make its own server chips Apple reportedly has a top secret plan to make AI chips for servers to provide generative AI services. By Jonny Evans May 07, 2024 5 mins Apple CPUs and Processors Generative AI news With its new iPad, Apple's Empire strikes back Apple is preparing to introduce new iPad Pro and iPad Air models as it seeks to regain momentum in the tablet market. By Jonny Evans May 06, 2024 5 mins iPad Apple Tablets news analysis Apple earnings: About that iPhone 'slump' in China Based on information from Thursday's earnings report, it seems that data pointing to an iPhone slump in China were over-baked. By Jonny Evans May 03, 2024 9 mins iMac iPhone Apple news analysis Apple confirms it will open up the iPad in Europe this fall The latest efforts to comply with Europe’s Digital Markets Act mean developers can offer to side load apps to both iPhones and iPads in the EU. Apple has also taken steps to improve what it offers to smaller and non-commercial developers in the By Jonny Evans May 02, 2024 6 mins iPad Apple Mobile Apps Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe