Fleetsmith disabled their entire third-party app catalog this morning and disabled Bash scripting (that was reenabled 15 minutes ago), breaking workflows for a bunch of users (and, according to the MacAdmins slack, tons of end users got random popups asking for an administrator to fix kernel extensions that were previously loaded via Fleetsmith). [0]<p>I can understand having to sunset the catalog, but how did Fleetsmith (or Apple) think that doing that without one peep was okay? Even a "we've been informed by legal that we can't host these packages, so within x days they will be removed from our catalog. we will provide functionality to replace them on your systems with packages you make yourself".<p>0: <a href="https://www.reddit.com/r/macsysadmin/comments/hf30qk/apple_buys_fleetsmith_mdm/" rel="nofollow">https://www.reddit.com/r/macsysadmin/comments/hf30qk/apple_b...</a> (discussion about fallout)
This is very likely bad news for companies like Jamf.<p>Apple is likely wanting to bring macOS/iOS management into their own product suite and tightly integrate it in future products, much like what Microsoft did with Terminal Services, which nearly killed Citrix 20 years ago.
I deployed Fleetsmith a couple years ago after evaluating the field. Fewer features than the competition but well designed and clearly improving over time.<p>Zach Blum (CEO/co-founder) would regularly follow up on issues and tickets himself, always friendly and helpful.<p>I know transitions like this can be rough but I'm glad to see them achieve this success.
Wow. Apple seems to have gone out of their way over the years to <i>not</i> provide their own actual MDM service, or even a server for people to host themselves.<p>"We look forward to continuing to deliver Fleetsmith to existing and new customers." sure sounds like the service will stay open, AKA this is not Apple's usual acqui-hire and shut down the company.
CEO of Kolide here.<p>This announcement couldn't have come at a crazier time...today I planned on announcing our intentions to enter the MDM product space.<p>Our MDM is meant to be a new fresh take on device management that puts end-users in the driver seat. It's user focused device management and we are applying everything we've learned from our security product to the management space.<p><a href="https://blog.kolide.com/kolide-mdm-for-those-that-dont-need-to-be-managed-8f07a58319d2" rel="nofollow">https://blog.kolide.com/kolide-mdm-for-those-that-dont-need-...</a><p>If you are interested in trying out what we are releasing later this year, read the post, and get on the list <a href="https://www.kolide.com/mdm/" rel="nofollow">https://www.kolide.com/mdm/</a>
Fleetsmith has always been one of the only two commercial products I've endorsed for Mac management. They do great work and have the right vision.<p>I work a lot in this space on <a href="https://micromdm.io/" rel="nofollow">https://micromdm.io/</a> an open source service, and have industry experience doing device management at various organizations.
I migrated our entire fleet to Fleetsmith a few weeks ago, largely due to their third-party catalog and features like Chrome extension deployment.<p>All third-party apps have now been pulled and we have virtually no fleet management.<p>Happy for them, but it's painful for us. Classic Apple move.
Ok. So what exactly happens to Fleetsmith's coveted ISO 27001 and SOC 2 certifications? Barely four months ago Jesse Endahl promised: [0]<p>"Achieving compliance with the SOC 2 and ISO 27001 standards means that we are committed not just this year or the next — we are committed to operating our business in compliance with these standards every year going forward. Our auditors will request evidence to prove that we’ve continued to follow the policies, processes, and technical controls we’ve put in place on an annual basis. We look forward to demonstrating, year after year, that we’re worthy of your trust.<p>To get access to our SOC 2 report and ISO 27001 certificate, get in touch at sales@fleetsmith.com."<p>Apple has an ISO 27001 certification for Apple Business Manager, but I don't exactly see them being so hot on an independent CPA auditing their accounting practices for an AICPA certifications.<p>Personally, I think Fleetsmith being under Apple's control (a full service MDM solution provided solely by Apple), renders these certifications meaningless.<p>But hey, do you think if I email sales@fleetsmith.com, they'll be happy send me Apple's ISO 270XX certifications now?<p>0: <a href="https://blog.fleetsmith.com/soc-2-iso-27001/" rel="nofollow">https://blog.fleetsmith.com/soc-2-iso-27001/</a>
It is infuriating to see the entire investment we put into adopting and setting up Fleetsmith in our company to be done and they didn't even have the decency to send an email to tell us that. We had to find out here that this happened.<p>Next time when you want to sign up for a VC backed service, remember how many times they pushed the companies behind the tools we use to this end leaving us holding the can.
Is Apple planning to really go in on the enterprise usage? This aquisition, locking down access behind T2, notary notifications of everything in Catalina. I've not seen that direction in marketing yet, not it's like they started putting the foundations in place.
I'll throw out there that I work for JumpCloud. We just launched our MDM service for Macs on top of the remote management of Macs we've supported for almost eight years now, and continue to support Windows, and Linux systems as well. If you manage a heterogeneous fleet you should check us out. (Or honestly, I think we're pretty great in homogeneous envs too).<p>Accounts with less than 10 users are free.<p><a href="https://jumpcloud.com" rel="nofollow">https://jumpcloud.com</a><p>EDIT: Clarified that we've been remotely managing macs or the better part of a decade. The MDM piece is the new one.
Only tangentially related, but if you're looking for a sufficiently challenging development project the iOS MDM protocol is a great one. It's well-documented, so you're not stuck banging your head against a wall. It lends itself to microservices very well, and is explicitly asynchronous for a lot of operations. I spent a week or so writing one in Java (and later ported to server-side Swift) and found it moderately challenging and a lot of fun to write.
Good news! I trust Apple with user privacy a lot more than the horde of "Device Management" solutions lately that are full of grotesque privacy violations.<p>A world in which an IT person or contractor is able to run amok with random bash scripts on a user's laptop in the name of "device management", <i>without any controls whatsoever</i> is horrible for privacy.
I worked with Zach and Ken back at Wikia. They were great to work with! When Zach showed me the first version of Fleetsmith I was beyond impressed and knew he had discovered a very cool market opportunity. It's really nice to see their efforts get recognized in such a fantastic manner. Way to go!
May be a silly question.<p>Does that mean JAMF is dead? I dont see how there would be a large enough market left once Apple enter the field to sustain their business.