Last Thursday, I was locked out of my cloud MDM, my data was deleted, and MDM agents for every device @trailofbits were silently removed by the vendor, leaving the entire company unmanaged. There was no advance notice and no explanation.

This is a warning: Never use Kandji.
MDM is a pain in the ass, and we’ve been looking for a new vendor since Fleetsmith was acquired by Apple (and then disabled 90% of their product). Their agent barely worked, and frequently mishandled security updates.
Fleetsmith had clearly become a burning bridge when they failed, again, to apply 10.15.6 to our machines (one of their few remaining features). We found Kandji and within 3 days, their solutions team helped us plan and execute a one-way migration to their product.
In our last meeting, Kandji provided us a custom package to remove Fleetsmith from all our machines and step-by-step instructions for migrating to theirs. Satisfied with our testing and their help, we began migrating immediately.
The next day, Kandji pulled the plug on our entire installation and used a kill-switch to silently un-enroll all our devices. This violated their own license agreement, which requires prior notice, an option to cure, and preserving our data, like any good cloud service.
It’s now been a week, and we still haven’t received an explanation nor do we expect to! Even if it were explained, this behavior is unacceptable for any cloud service and truly malicious for a cloud security company. cc @badthingsdaily
In the end, this is another reminder that a cloud product is only as good as its operators. If you want a cloud MDM where incompetent management can impulsively nuke their clients without explanation and violate their license terms, then by all means please use Kandji.
You can follow @dguido.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled: