Procuring a mobile device management (MDM) solution isn’t a project to take lightly — your organization’s productivity and security depend on it.
But with myriad solutions out there, it’s not easy to find one that will exceed your expectations. So we’ve made your evaluation process a bit easier.
In this post, we review the pros and cons of two common Apple MDM solutions, Kandji and Addigy, and introduce an all-in-one MDM, IAM, and user management solution that surpasses all MDM solutions on the market — in terms of ease of use, security, and functionality.
Let’s dive in.
Overview of Kandji
Kandji touts itself as a “next generation” Apple device platform that serves SaaS startups, mid-market businesses, and enterprise companies. Kandji’s big draw is its easy-to-use, easy-to-setup platform that doesn’t require significant coding experience. It also has over 200 pre-built automations and customizable workflows for more efficient MDM.
If IT and MSP professionals want to personalize device setup for remote employees, they can with Kandji’s unboxing experience called “Liftoff,” which installs the right settings, security, and apps for each user.
A few other pros to Kandji are its:
- Easy migration from existing MDMs
- Top-tier support
- Agile, cloud-native architecture
But Kandji isn’t perfect. Its MDM capabilities are currently limited to Apple devices, meaning companies with Linux or Windows devices will need additional MDM solutions to support those devices and will likely have to augment Kandji’s basic Apple security with authentication apps like Okta.
Customers also note that:
- You must talk to sales for a quote
- Kandji’s API and SSO are only available for companies with 500+ devices
- Challenges creating group-based assignments with “Blueprints”
- Some functionality and automations do not work as advertised or demoed
Overview of Addigy
Addigy is an MDM founded in 2013 that helps IT and MSPs manage Apple fleets. With Addigy, admins can:
- Configure zero-touch enrollment
- Manage device settings with profiles
- Schedule system updates
- Get Day 1 support for new Apple features
- Remotely lock or wipe devices
- Apply CIS and NIST security frameworks
- Integrate with ticketing systems like Zendesk and security software like Intune and Malwarebytes
Built to support a multi-tenant infrastructure, Addigy is a logical choice for MSPs supporting Apple-exclusive clients. However, Addigy is tough to jump right into. Tailoring it to an organization’s policies and procedures takes knowledge of custom scripts. Users have had trouble navigating the unintuitive interface and making use of Addigy’s native reports.
Kandji vs. Addigy Comparison Table
To make the comparison between the two tools a little easier, here’s a chart that breaks down the differences between what Kandji and Addigy offer:
Attribute | Kandji | Addigy |
Supported OS | macOS, iOS, iPadOS, tvOS | macOS, iOS, iPadOS, tvOS |
Pricing | Must go through their pricing calculator and talk to sales | Starts at $4/mo/Mac and $1/mo/other devices |
Ease of Use and Setup | Known for its fast and easy setup Clean UI | Need to be familiar with custom scripting Without first-hand experience, setup can be challenging and may require Addigy support |
Device Management Capabilities | Library of 200+ prebuilt policies Can customize maintenance schedule to minimize disruption Real-time security and compliance monitoring Best suited for one org | Persistent connection that monitors the security and compliance status of all devices in real time Automates remediation Runs regular maintenance when it is convenient for end users Flex policies |
Security Features | Basic Apple security features Automatic remediation and patch management RBAC doesn’t offer finite control Lacks API logging No management console | Can configure role-based privileges on multi-tiered and multi-tenant systems SAML 2.0 and OAuth 2.0 Support Password and multi-factor authentication methods |
Integration Options | Cloudflare, Google, Microsoft, Okta, Secureframe, Slack | Freshdesk, Google, JumpCloud, Malwarebytes, Microsoft Intune, Okta, Splashtop, Zapier, Zendesk |
Support and Customer Service | 24/7 text chat support | Inconsistent reviews — some users feel Addigy support is adequate, others don’t Training is built into the implementation, but their Knowledge Base is lacking, and other documentation isn’t always clear |
Other Attributes | Slightly better overall G2 reviews | Custom branding and no-cost support for MSPs End-to-end IT inventory management |
JumpCloud as an Alternative Solution
Kandji and Addigy are adequate if you’re a smaller, Mac-only company. Even then, you’ll still need to rely on other supplemental vendors for SSO and multi-factor authentication (MFA), adding to the list of software your team needs to manage and increasing the chances of costly mistakes — particularly when adding BYOD devices to the mix.
Before using JumpCloud, some of our customers gave up on using a prefab solution, opting for an open source MDM and spending the time and money crafting a custom MDM solution.
For larger enterprises with a more diverse set of devices, more complex security and compliance requirements, and a greater need for a holistic device, identity, and access management solution, JumpCloud MDM is your top choice.
Neither Kandji nor Addigy come with user management capabilities, but JumpCloud is the leader in identity and access management. As a cloud-based alternative to Active Directory, JumpCloud can enforce policies on MacOS, Linux, and Windows and secure Wi-Fi connections through RADIUS. Not only that, JumpCloud can support directory integrations through LDAP and implement SSO through SAML 2.0 — all from an intuitive, SaaS-based console.
Comparison: Kandji vs. Addigy vs. JumpCloud
JumpCloud offers IT and MSPs an all-in-one solution — not only for device management but for identity management, employee onboarding and offboarding, network security, and compliance. The best part? It’s all managed in a centralized, easy-to-use platform.
Here’s how JumpCloud outperforms Kandji and Addigy:
Attribute | JumpCloud | Kandji | Addigy |
Supported OS | macOS, Windows, Linux, iOS, iPadOS, tvOS, and Android | macOS, iOS, iPadOS, tvOS | macOS, iOS, iPadOS, tvOS |
Pricing | MDM only for $9/user per month. Platform: $19/user per month. MSP-specific pricing via partner program. | Must go through their pricing calculator and submit your email for accurate pricing | Starts at $4/mo/Mac and $1/mo/other devices |
Ease of Use | No-code/Low-code Smooth device configuration onboarding flow Pre-built workflows for adding both corporate-owned and BYOD devices | Known for its fast and easy setup Clean UI Customizable setup experience called “Liftoff” | Need to be familiar with custom scripting Without first-hand experience, setup can be challenging and may require Addigy support |
Device Management Capabilities | Securely manage corporate-owned and personal Windows, Linux, Apple, and Android devices Personalize the device setup experience Push commands, policies, and secure configurations from a centralized console Zero-touch enrollment | Library of 200+ pre-built automations Can customize maintenance schedule to minimize disruption Real-time security and compliance monitoring | Persistent connection that monitors the security and compliance status of all devices in real time Automates remediation Runs regular maintenance when it is convenient for end users Flex policies |
Security Features | Secure and manage GCP, AWS, and Azure cloud server resources Automated patch management Meets ISO-27001 requirements SSH key management PowerShell for complicated security use cases Designated “work profiles” for BYOD | Basic Apple security features Automatic remediation and patch management RBAC doesn’t offer finite control Lacks API logging No management console | Can configure role-based privileges on multi-tiered and multi-tenant systems SAML 2.0 and OAuth 2.0 Support Password and multi-factor authentication methods |
Integration Options | Entire integration directory with DevOps, infrastructure, cloud directory, and security partners | Cloudflare, Google, Microsoft, Okta, Secureframe, Slack | Freshdesk, Google, JumpCloud, Microsoft, Okta, Zapier, Zendesk |
Support and Customer Service | Can reach support via the Admin Portal, chat, or phone Called an “IT Admin’s best friend” “Persistently responsive” | 24/7 text chat support Many positive reviews regarding responsiveness and expertise | Inconsistent reviews — some users feel Addigy support is adequate, others don’t Training is built into the implementation, but documentation isn’t always clear |
IAM capabilities | RADIUS authentication for VPN, Wi-Fi SSO and SAML/SCIM-based user provisioning Network trust MFA Robust password management Directory reports and dashboards | N/A | N/A |
Addressing Common Concerns and Issues
Point solutions Kandji and Addigy can only support Apple-driven companies and simply don’t offer the wide range of services that JumpCloud does. JumpCloud helps IT and MSPs handle MDM and IAM with minimal effort, all from a single, unified platform.
Unlike Addigy’s challenging setup, JumpCloud’s point-and-click interface and always-on support make implementation a breeze. JumpCloud’s automation features also rival those of Kandji, supporting zero-touch enrollment with automatic onboarding and offboarding and plenty of other customizable workflows beyond device management.
Dropship a device to a remote employee, and they’ll be up and running as soon as they log in with their JumpCloud identity. And with built-in patch management, their devices will continue to run properly and securely on the latest OS updates.
But security doesn’t stop there. JumpCloud helps IT and MSPs securely manage user app permissions, cloud servers, networks, and SSH keys while still remaining flexible, following open protocols like SAML, LDAP, RADIUS, and SCIM to connect any other resources.
Integrate MDM, IAM, and User Management
Before landing on a solution, take time to do your own research and evaluate your specific needs. But if you’re an IT admin or MSP that needs multi-tenant support for a range of operating systems that need to comply with strict security and compliance requirements, consider JumpCloud your one-stop shop.
Unifying MDM, IAM, and user management with JumpCloud eliminates the challenges that come with most MDM solutions, decreasing total cost of ownership, limiting IT sprawl, and enabling greater MSP penetration within a client’s infrastructure. Perhaps most importantly, JumpCloud streamlines the IT and MSP workflow, ensuring greater employee productivity and freeing up time to resolve the most pressing issues on their to-do list.
To learn more about how JumpCloud works, get hands-on with our product and sign up for a free trial today.