Jamf and MacBook

Jamf touts big corporate security boost at JNUC

Jamf opened its annual JNUC event for Apple administrators today with a series of announcements focused on device management and security, a new Jamf Trust app, additional information about its recently announced ZecOps agreement, and other updates. updates that may be of interest to Apple IT professionals.

The company has also committed to supporting Microsoft device compliance on Macs later this year, with support for Google’s (BeyondCorp) contextual zero trust framework on iOS devices in early 2023.

What drives the Jamf method?

Before JNUC, I spoke with Jamf CEO Dean Hager, who explained the philosophy behind what the company advertises. Ultimately, this is a continuation of Jamf’s core mission, which is to bring complex enterprise technology integration to the 21st century by ensuring that it not only supports Apple’s technology, but that its implementation is married to the kind of consumer simplicity you’ve come to expect from Cupertino’s platforms.

“We’ll kick off the event by asking two simple questions: ‘Do your users like their working technology? ” did he declare. “Does your organization trust all access that comes from this technology? And we think you should see a resounding ‘yes’ to both. We believe that through the merging or combination of management software, software and security, we believe this combination is what makes this love and trust possible.

Jamf also confirmed that it now supports 29 million Apple devices worldwide with 69,000 customers, a 15% increase since the start of this year. Complex simplicity makes the difference.

Here’s what Jamf revealed at the start of JNUC 2022

What is Jamf Trust?

The Jamf Trust app ties the user’s identity to a device so that Jamf’s security services are dynamically configured based on the user’s identity and role. This casts a veil of protection across the entire enterprise, placing protections around application access and making it simple to use with powerful enterprise-grade protection.

What this actually means is that Jamf can now ensure that macOS and iOS devices are properly configured and protected against cyberattacks on first boot.

Jamf and iPhone Jamf

Jamf Trust in action. The system can automatically react to an incoming threat, warn the user, explain the problem and alert the security monitoring system.

What’s new in Jamf Protect?

Next month, Jamf Protect will benefit from rich endpoint telemetry data collection as well as a new offline deployment mode that pushes telemetry data directly to a Security Information and Event Management (SIEM) system for customers with high compliance requirements.

To support this new feature, the company has already scanned over 430 million unique domains. “By measuring a multitude of dimensions of these sites, including top-level domains, subdomain entropy, domain compositions, and brand spoofing, Jamf was able to identify and to block more than 122,000 zero-day phishing attacks last year alone,” the company said.

Powerful remote access

In early 2023, Jamf is planning a new remote access feature that will allow IT administrators to authenticate and take remote control of any Mac in their fleet – physical and virtual – directly from Jamf Pro.

Simplify application deployment (and secured)

Jamf is already making sure its systems are ready to install when Apple’s own operating systems ship. Last year, it began working to make it easier to manage and update third-party apps with app installers in the company’s app catalog.

The company now monitors over 1,000 titles frequently used by its customers with over 100 application installers available. IT can use this to install fully patched and updated versions of the applications they need.

As can happen on the MDM side, devices are protected against accidental installation of untrusted or unverified apps. The company is preparing to introduce improvements to its App Installer user notification system, as well as simplifying the installation of apps in Self Service, to ensure that only apps relevant to the user and authorized by IT are displayed in their custom app catalog.

Maximum security? Zero trust?

The company has also enhanced its patented Smart Group technology by synthesizing multiple layers of data, including user, device and emerging risk data into security workflows that enable organizations to identify threats and act on them. automatically act on threat data. Among other things, this leverages Jamf’s ability to block access to a device or specific device features if a compliance issue is detected.

The company also hinted at additional work with cloud identity providers such as Okta. It can now enforce the use of Private Access to ensure that only devices protected with encrypted data can run enterprise apps, while automatically locking out compromised users and devices.

As noted, the company is also looking to mitigate weak points in the authorization. Microsoft Device Compliance will be available for Jamf-protected Macs later this year, while Google’s Contextual Zero Trust Framework (BeyondCorp) will be available for iOS devices in early 2023. These protections are already available on iOS and Mac, respectively.

Jamf says the combination of all these new zero-trust capabilities will provide multiple layers of organizational protection through device health scores and smart groups to block non-compliant use at the device, network, and cloud level.

Hager explained that the approach maximizes the potential of zero trust. “We would prefer to talk about trusted access,” he said. “This is where the integration of Microsoft and Google comes in.

“Because, let’s face it, if Jamf senses something is wrong with a device or a person, we can block that device immediately. We can turn off this device at the network level. With our Private Access, or Microsoft and Google through their integration with us, they can disable access so that we have the ability to block access at the device level, network level, and cloud level. And honestly, I don’t know of anyone else in the industry who can do that. And therefore, an organization can trust every incoming access point.

Hager also highlighted how Jamf Protect can create workable barriers between personal and business use of a device, protecting privacy while protecting the device — and the business. It’s about maintaining Apple’s “relentless focus on the people” at the company, Hager said on stage at JNUC.

Make plastic access badges the story

Those plastic access cards/badges that everyone loses should be thrown in the dump of history. Starting next year, Jamf will integrate with SwiftConnect’s cloud platform so organizations can provide employees with digital employee badges that can be accessed through Apple Wallet on iPhone and Apple Watch and authenticated through Identity. employee cloud. This basically means that your watch or iPhone will be your office key.

It is reassuring to see that this integration between Jamf Trust and SwiftConnect’s cloud platform will also integrate with industry leaders in identity, credential management and access control in the cloud, including Microsoft, Okta, Google, HID, Lenel, Genetec and others.

Jamf embraces declarative device management

Apple will support declarative device management on Mac starting next year.

Next month, Jamf will support this feature. This means devices will proactively report their status in real time, which means IT can automate or make better decisions about device protection. Additionally, Jamf and AWS last week announced their new partnership to automatically enroll virtual EC2 Macs into Jamf Pro when provisioned through the AWS Portal.

There’s more to come from the event, so stay tuned as I dig deep into the show’s announcements.

Please follow me on Twitteror join me in AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Copyright © 2022 IDG Communications, Inc.

#Jamf #touts #big #corporate #security #boost #JNUC

Leave a Comment

Your email address will not be published. Required fields are marked *