AWS brings Verified Access security to the Apple enterprise

Amazon is introducing its next-gen AWS Verified Access security technology. At its annual AWS re: Invent show, the company confirmed the tech will be made available to enterprises running Apple products thanks to partnerships with Jamf, JumpCloud, and other device management vendors in the space.

What’s valuable about AWS Verified Access is that it enables IT to provide secure access to applications without using a VPN. Built on Zero Trust principles, Verified Access enables teams to create, configure, and manage a fine-grained set of policies for private application access.

Think of it as an additional layer of protection within the rapidly evolving security landscape, one that also ensures valuable corporate data isn’t being carried via less-trusted VPN servers. It also means users won’t be calling in with help requests because they’re having problems with the VPN.

The idea is that IT can define security policies and criteria and that those requirements must then be met before users or their devices gain access to internal services hosted on AWS. Verified Access evaluates each access request in real time and only connects users to the application if these conditions are met.

“It means you can define a unique access policy for each application, with conditions based on identity data and device posture,” Amazon explains. “For example, you can create policies allowing only members of the finance team to access their financial reporting application and using only compliant devices.”

Jamf explains that the tech means customers can set things up so that only devices that are managed and originate from a specific Internet Protocol (IP) address range, have a certain device risk score, or have minimum operating system (OS) version can access a system.

The biggest change should be an improved security posture. Unlike traditional protections in which access is evaluated once, this system evaluates each application access request as it comes in. This makes it far more difficult for bad actors to move from one app to another. 

AWS also integrates with numerous ID and device management services (such as Jamf and JumpCloud) and logs all access attempts, which helps when troubleshooting.

But for the growing number of hybrid and remote businesses, AWS Verified Access is an opportunity to lock down your cloud-based enterprise services and onboarding processes even more tightly with the ability to secure users more effectively at the edge.

Earlier this fall, Jamf announced it was working with AWS to create a workflow to manage and provide an added layer of security to Amazon Elastic Compute Cloud (Amazon EC2) Mac instances at scale.

“AWS is proud to continue to work with Jamf so organizations can provide Trusted Access to their users,” said Dave Brown, vice president of Amazon EC2 at AWS. “Today’s announcement of AWS Verified Access Integration is the next step in a powerful partnership aimed at helping the enterprise succeed with Apple.”

Of course, the introduction provides yet another proof point of the extent to which Apple continues to grow in the enterprise. After all, it’s unlikely this kind of support would be made available at all if Macs, iPhones, and iPads hadn’t been deployed so rapidly in the last few years. It’s also a testament to the security enhancements for Apple products in the enterprise that continue to emerge from players in the space, even as Apple’s share grows.

Please follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

http://www.computerworld.com/category/security/index.rss