Jamf touts big corporate security push at JNUC

Jamf touts big corporate security push at JNUC

Jamf today kicked off its annual JNUC event for Apple administrators with a series of announcements focused on device management and security, a new Jamf Trust app, additional information on its recently announced ZecOps agreement, and other updates that may be of interest to Apple IT. apple pros

The company also committed to supporting Microsoft device compliance on Mac later this year, with support for Google's (BeyondCorp) zero-trust contextual framework on iOS devices in early 2023.

What drives the Jamf method?

Before JNUC, I spoke with Jamf CEO Dean Hager, who explained the philosophy behind what the company advertises. Ultimately, this is a continuation of Jamf's core mission, which is to bring complex enterprise technology integration into the XNUMXst century by ensuring that it not only supports 'Apple's technology, but that its implementation is married to the kind of simplicity consumer experience that you've come to expect from Cupertino platforms.

“We'll start the event by asking two simple questions: 'Do your users like your work technology? he stated. “Does your organization trust all the access that comes from this technology? And we think you should see a resounding 'yes' to both. We believe that through the fusion or combination of management software, software and security, we believe that this combination is what makes this love and trust possible.

Jamf also confirmed that it now supports 29 million Apple devices worldwide with 69 customers, a 000% increase from earlier this year. Complex simplicity makes the difference.

Here's what Jamf revealed at the start of JNUC 2022

What is Jamf Trust?

The Jamf Trust app binds a user's identity to a device so that Jamf security services are dynamically configured based on the user's identity and role. This casts a veil of protection across the enterprise, placing protections around application access and simplifying their use with powerful enterprise-grade protection.

What this really means is that Jamf can now ensure that macOS and iOS devices are properly configured and protected from cyber-attacks on first boot.

Jamf y iPhone jamf

Jamf Trust in action. The system can automatically react to an incoming threat, warn the user, explain the problem, and alert the security monitoring system.

What's new in Jamf Protect?

Next month, Jamf Protect will benefit from rich endpoint telemetry data collection, as well as a new offline deployment mode that sends telemetry data directly to a security information and event management system ( SIEM) for customers with high compliance requirements.

To support this new feature, the company has already scanned more than 430 million unique domains. "By measuring a multitude of dimensions of these sites, including top-level domains, subdomain entropy, domain compositions, and brand spoofing, Jamf was able to identify and block more than 122 zero-day phishing attacks last year alone," the company said. said.

Powerful remote access

In early 2023, Jamf is planning a new remote access feature that will allow IT administrators to authenticate and take remote control of any Mac in their fleet, physical and virtual, directly from Jamf Pro.

Simplify application deployment (and insured)

Jamf is already making sure its systems are ready to install when Apple's own operating systems ship. Last year, it began working to make it easier to manage and update third-party apps with app installers in the company's app catalog.

The company now monitors more than 1000 frequently used titles by its customers with more than 100 app installers available. IT can use this to install fully patched and updated versions of the applications they need.

As can happen on the MDM side, devices are protected against accidental installation of untrusted or unverified apps. The company is preparing to introduce improvements to its app installer user notification system, in addition to simplifying the installation of apps in Self Service, to ensure that only apps that are relevant to the user and authorized by IT are displayed in its catalog. of custom applications.

Maximum security? Zero trust?

The company has also enhanced its proprietary Smart Group technology by synthesizing multiple layers of data, including user, device, and emerging risk data into security workflows that enable organizations to automatically identify threats and act on threat data. Among other things, this leverages Jamf's ability to block access to a device or specific device features if a compliance issue is detected.

The company also hinted at additional work with cloud identity providers like Okta. You can now enforce the use of private access to ensure that only devices protected with encrypted data can run business applications, while automatically blocking compromised users and devices.

As noted, the company is also seeking to mitigate authorization pain points. Microsoft Device Compliance will be available for Jamf-protected Macs later this year, while Google's Contextual Zero Trust Framework (BeyondCorp) will be available for iOS devices in early 2023. These protections are available now on iOS and Mac, respectively.

Jamf says that the combination of all these new zero-trust capabilities will provide multiple layers of organizational protection through device health scores and smart groups to block non-compliant usage at the device, network and cloud level.

Hager explained that the approach maximizes the potential for zero trust. "We'd rather talk about trusted access," he said. “This is where the integration of Microsoft and Google comes into play.

“Because let's face it, if Jamf detects that something is wrong with a device or a person, we can block that device immediately. We can turn off this device at the network level. With our private access, or Microsoft and Google through their integration with us, they can disable access so that we have the ability to block access at the device level, network level, and cloud level. And honestly, I don't know anyone else in the industry who can do that. And therefore, an organization can trust every incoming access point.

Hager also highlighted how Jamf Protect can create viable barriers between personal and business use of a device, protecting privacy while protecting the device and the business. It's about keeping Apple's "relentless focus on people" at the company, Hager said onstage at JNUC.

make plastic access insignia History

Those plastic access cards/badges that everyone loses should be thrown in the dustbin of history. Starting next year, Jamf will integrate with the SwiftConnect cloud platform so organizations can provide employees with digital employee credentials that can be accessed through Apple Wallet on iPhone and Apple Watch and authenticated through from Identity. Basically, this means that your watch or iPhone will be the key to your office.

It's reassuring to see that this integration between Jamf Trust and the SwiftConnect cloud platform will also integrate with industry leaders in cloud identity, credential management and access control, including Microsoft, Okta, Google, HID, Lenel , Genetec and others.

Jamf embraces declarative device management

Apple will support declarative device management on Mac starting next year.

Next month, Jamf will support this feature. This means devices will proactively report their status in real time, meaning IT can automate or make better decisions about device protection. Additionally, Jamf and AWS announced last week their new partnership to automatically enroll virtual Mac EC2s in Jamf Pro when they are provisioned through the AWS Portal.

There's more to come from the event, so stay tuned as I dive deeper into the show's announcements.

Follow me on Twitter or join me at AppleHolic's bar & grill and Apple discussion groups on MeWe.

Copyright © 2022 IDG Communications, Inc.