In this year’s Jamf Nation User Conference (JNUC) keynote, “Simplifying the management and security of devices used for work” was the main focus. JamfCEO, Dean Hager asked Jamf Nation two questions:
- Do your users LOVE their work technology as much as their home technology?
- Does your organization TRUST that every person and device accessing your network resources is safe?
A notable way to kick off the annual conference because as Hager puts it – this love and trust can only be accomplished when management and security merge. Thus, achieving the quintessence of technology: simplifying our work.
Jamf believe that with their new products, Jamf Safe Internet and Jamf Threat Defence, users can work anywhere and get access to their corporate data using their work or personal devices – all whilst having their corporate data protected
Here are our key takeaways from the JNUC 2022 keynote.
Apple Innovates, Jamf Celebrates.
Apple will support Declarative Device Management in Macs starting next year. Coming next month, Jamf will support this functionality. It means devices will proactively report their status in real-time, which means IT can automate or make better decisions around device protection.
By balancing user experience with management creates a secure framework which Apple boasts as secure by design! To continue that work, Apple updated Managed Device Attestation and Data Separation and moved to a system-extensions and endpoint-security framework. Expect to hear more about Managed Device Attestation at WWDC 23 and JNUC 2023 as the frameworks become more developed.
BYOD Workflows with Jamf Products
At JNUC 22, Jamf did a demo that showed an onboarding workflow with a new employee and an onboarding specialist for an iOS BYOD devices using Jamf Pro, Jamf Trust, managed AppleIDs and cloud identity provider (IDP).
The demo showed not only how easy and secure it is to enrol your BYOD into Jamf Pro but also how it protects your company data and does not give access to the personal data of your users.
The workflow includes the following.
- Enrolling your personal device with your managed AppleID work account in the Settings App
- Creating a partition between your work and personal profiles to separate your work and personal data
- Using the Jamf’s Self Service app to allow users to choose which work apps they would like to access to
- Access to all your corporate apps and data with Single Sign-On (SSO) with your IDP
- Using the Jamf Trust app to give you private access to company resources and block access if your device is compromised
- Setup duel eSims to support a sim for your personal and work numbers
- Use Apple’s Focus mode to allow notifications to come from either your Work or Personal apps for better work/life balance.
Apple Wallet as Access Badge
Partnering with SwiftConnect, Jamf announced that employees will be able to access their digital employee badge – an image that contains information about them such as name and title, location of headquarters, etc. – on the Apple Wallet app on iPhone or Apple Watch using a cloud identity.
Currently, Apple employee badge has only been made available to Jamf internal employees. However, in the future Jamf and SwiftConnect will allow all customers to seamlessly enable employee badges in Apple Wallet for their organizations. Jamf customers will also be glad to know that employee badge has the ability to fully integrate with leading industry players like Microsoft, Okta, and Google, as well as HID, Lenel, and Genetec.
Zero Trust and Vendor Enhancements.
During JNUC Jamf announced that it has also strengthened its smart group technology by layering in multiple streams of data which includes device new-risk data into security workflows that enable organizations to identify threats and act on threat data automatically. Among other things, this allows Jamf to block access to a device or to specific device capabilities if a compliance problem is detected.
Jamf also identified their partnership with Okta as one of critical importance, working together on the front line of innovating. Okta can now enforce private access to ensure only protected devices with encrypted data can run enterprise apps, while automatically blocking compromised users and devices.
Jamf also announced it has increased its already established integrations with Microsoft and Google;
Microsoft Device Compliance; The next generation of Device Compliance is already here for iOS and Microsoft will soon release this Device compliance for macOS. Microsoft and Jamf will have consistent access to Microsoft Device Compliance across all Apple device. This new process will allow admins to set compliance standards for any Smart Group, including the recently added “risk score” criterion.
Google BeyondCorp: Jamf will also be incorporating Google’s BeyondCorp framework into its offerings, allowing Jamf customers to use the enhanced security features of that technology on their iOS devices in early 2023. Jamf customers can also expect chrome Browser Cloud Management capabilities supported by Jamf Pro are now available for iOS devices.
Zero Touch Onboarding Workflow with Jamf Products
Jamf demonstrated how they’ve improved the zero-touch deployment user experience and ensures your device is protected out of the box with integration with your IDP via SSO, Jamf Connect and Jamf Trust.
Once the user unboxes their machine, the user will need to login with their IDP account to verify who they are, this will then detect what apps, configuration the user needs based on their role and will create a local user account enabling FileVault without a need of logging out and logging back into the user account.
Once you login, you can use zero trust networking access via the Jamf Trust app to secure and protect your company data. Jamf Trust provides unified cloud security and connectivity for workers and ensures a secure connection to safely access all corporate applications and data. Once connected to the Jamf Trust app, you can get access to your company apps without any extra connectivity steps.
In JNUC 2021, Jamf introduced App Installers which is a way to streamline patch updates to your 3rd party applications saving you time sourcing, packaging, deploying, and maintaining 3rd party applications not found in the Mac App store. This ensures
so all the 3rd party apps that your users are always on are the latest version for obtaining new features and security patches.
In this year’s JNUC, Jamf announced additional features to App installers such as improved user notifications where the user is prompted to update. In early 2023, App installers will also be available to install apps within Self Service for quick and easy access to download approved apps by IT.
Mac Remote Access in Jamf Pro
Also coming in early 2023, Jamf announced Mac remote access for IT admins will soon be built directly into Jamf Pro with no VPN required. This will give IT support and the end user a stream-less user experience when trying to get remote access to the user’s computer.
It was great to see a live demonstration of Jamf’s key products being used to simplify the management and security of devices used for work. Furthermore, how the experience of using well-loved tech is boosted when met with technology that organisations trust.
JNUC 2022, is a reminder of how Apple management and mobile security solutions work hand in hand to achieve not only Jamf’s purpose – but perhaps the purpose of technology altogether. That being: To simply work.
From Declarative Management support to employee badge in Apple Wallet, we’re certainly Jamf-packed! We can’t wait to take full advantage of all that’s to come in early 2023.
For more information on JNUC2022 Keynote visit the official Jamf Blog Post below: