{"id":20201,"date":"2022-09-27T10:30:04","date_gmt":"2022-09-27T18:30:04","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/09\/27\/news-13934\/"},"modified":"2022-09-27T10:30:04","modified_gmt":"2022-09-27T18:30:04","slug":"news-13934","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/09\/27\/news-13934\/","title":{"rendered":"Jamf touts big boost to enterprise security at JNUC"},"content":{"rendered":"

<\/p>\n

Jamf<\/a> opened its annual JNUC\u00a0event for Apple admins<\/a>\u00a0today with a slew of announcements focused on device management and security, a new Jamf Trust app, further information on its recently announced ZecOps deal and other updates likely to be of interest to Apple IT professionals.<\/p>\n

The company also committed to supporting Microsoft Device Compliance on Macs later this year, with support for Google\u2019s context-aware zero trust framework (BeyondCorp) on iOS devices in early 2023.<\/p>\n

In advance of JNUC, I spoke with Jamf CEO Dean Hager, who explained the philosophy behind what the company is announcing.\u00a0Ultimately, it\u2019s a continuation of Jamf’s core mission, which is to bring complex enterprise tech integration into the 21st<\/sup>\u00a0century by ensuring not only that it supports Apple\u2019s tech, but that its implementation is married to the kind of consumer simplicity you expect on Cupertino\u2019s platforms.<\/p>\n

\u201cWe\u2019ll kick off the event by asking two simple questions: \u2018Do your users love their work technology?\u2019” he said. “‘Does your organization trust all the access that is coming in from that technology?\u2019 And it’s our view that you should see a resounding \u2018yes\u2019 to both.\u00a0We believe that through the melding or the combining of management, software and security software, we feel like that combination is what makes that love and trust possible.\u201d<\/p>\n

Jamf also confirmed that it now manages 29 million Apple devices worldwide with 69,000 customers \u2014 that\u2019s up 15% since earlier this year<\/a>.\u00a0Complex simplicity makes a difference.<\/p>\n

Here’s what Jamf unveiled at the start of JNUC 2022<\/p>\n

The Jamf Trust app binds user identity to a device so that Jamf\u2019s security services are dynamically configured according to user identity and role. This casts a protective cloak across the enterprise, placing protections around application access and making powerful enterprise-class protection consumer simple.<\/p>\n

What this means in effect is that Jamf can now ensure macOS and iOS devices are configured correctly and secured against cyber-attacks from first boot.<\/p>\n

Jamf Trust in action. The system can automatically react to an incoming threat, warn the user, explain the problem and alert the security monitoring system.<\/p>\n

Next month, Jamf Protect will gain rich endpoint telemetry data collection along with a new offline deployment mode that streams telemetry data directly to a SIEM (Security Information and Event Management) system for customers with high-compliance requirements.<\/p>\n

To support this new feature, the company has already scanned over 430 million unique domains.\u00a0\u201cBy measuring a multitude of dimensions of these sites, including top-level domains, subdomain entropy, domain compositions and brand impersonation, Jamf has been able to identify and block more than 122,000 zero-day phishing attacks just in the last year,\u201d the company said.<\/p>\n

Coming in early 2023, Jamf plans a new Remote Access feature that will empower IT admins to authenticate and take remote control of any Mac in their fleet \u2014 both physical and virtual \u2014 directly from within Jamf Pro.<\/p>\n

Jamf already ensures its systems are ready to install when Apple\u2019s own operating systems ship. Last year, it began work to make third-party apps easier to manage and update with App Installers in the company\u2019s App Catalog.<\/p>\n

The company now monitors more than 1,000 titles that are frequently used by its customers with more than 100 available App Installers. IT can use the latter to install fully patched and updated versions of the apps they need.<\/p>\n

Since it can happen at the MDM end, endpoints are protected against accidental installation of unapproved or unverified apps. The company is preparing to introduce improvements in its App Installer user notifications system, along with simplifying App installation within Self Service, to ensure only apps relevant to the user and authorized by IT are displayed in their customized app catalog.<\/p>\n

The company also improved its patented Smart Group technology by\u00a0synthesizing multiple layers of data, including user, device, and new-risk data into security workflows that enable organizations to identify threats and act on threat data automatically. Among other things, this exploits Jamf’s ability to block access to a device or to specific device capabilities if a compliance problem is detected.<\/p>\n

The company also hinted at additional work with cloud identity providers such as Okta. It can now enforce use of Private Access to ensure only protected devices with encrypted data can run enterprise apps, while automatically blocking compromised users and devices.<\/p>\n

As noted, the company is also looking to ease pain points in authorization. Microsoft Device Compliance will be available to Jamf-protected Macs later this year, while Google\u2019s context-aware zero trust framework (BeyondCorp) will be available to iOS devices in early 2023. These protections are already available on iOS and Mac, respectively.<\/p>\n

Jamf says the combination of all these new zero-trust capabilities will deliver multiple layers of organizational protection through device health scores and Smart Groups to block non-compliant usage at device, network, and cloud layers.\u00a0<\/p>\n

Hager explained the approach maximizes the potential of zero trust.\u00a0\u201cWe would rather talk about trusted access,\u201d he said.\u00a0\u201cThat’s where the Microsoft and the Google integration comes in.<\/p>\n

\u201cBecause, let’s face it, if Jamf senses that something is wrong with a device or person, we can block that device immediately. We can shut off that device at the network level. With our private access, or Microsoft and Google through their integration with us, they can shut off access so we actually have the ability to block access at the device level, at the network level, and at the cloud level. And honestly, I don’t know of anybody else in the industry that can do that. And as a result, an organization can trust every point of access that’s coming in.\u201d<\/p>\n

Hager also pointed out how Jamf Protect can create viable barriers between personal and enterprise use of a device, protecting privacy while protecting the device \u2013 and the business. It\u2019s all about maintaining Apple\u2019s \u201crelentless focus on the person\u201d in the enterprise, Hager said on stage at JNUC.<\/p>\n

Those plastic access cards\/badges everyone loses should be consigned to the landfill of history. Starting next year, Jamf will integrate SwiftConnect\u2019s cloud platform so that organizations can provide employees with digital employee badges accessed through Apple Wallet on the iPhone and Apple Watch and authenticated through the employee\u2019s cloud identity. It basically means your watch or iPhone will be your office key.<\/p>\n

Reassuringly, this integration between Jamf Trust and SwiftConnect\u2019s cloud platform will also integrate with cloud identity, credential management, and access control industry leaders including Microsoft, Okta, Google, HID, Lenel, Genetec, and others.<\/p>\n

Apple will support Declarative Device Management in Macs starting next year.<\/p>\n

Coming next month, Jamf will support this functionality. It means devices will proactively report their status in real-time, which means IT can automate or make better decisions around device protection. In related news, Jamf and AWS last week announced their new partnership<\/a> to automatically enroll virtual EC2 Macs into Jamf Pro when they are provisioned through the AWS portal.<\/p>\n

There is more coming from the event, so stay tuned as I dig deep into the announcements from the show.<\/p>\n

Please follow me on\u00a0Twitter<\/a>, or join me in the\u00a0AppleHolic\u2019s bar & grill<\/a>\u00a0and\u00a0Apple Discussions<\/a>\u00a0groups on MeWe.<\/em><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

\n
\n

Jamf<\/a> opened its annual JNUC\u00a0event for Apple admins<\/a>\u00a0today with a slew of announcements focused on device management and security, a new Jamf Trust app, further information on its recently announced ZecOps deal and other updates likely to be of interest to Apple IT professionals.<\/p>\n

The company also committed to supporting Microsoft Device Compliance on Macs later this year, with support for Google\u2019s context-aware zero trust framework (BeyondCorp) on iOS devices in early 2023.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[2211,10480,10403,10554,12555,714,24580],"class_list":["post-20201","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-apple","tag-ios","tag-macos","tag-mobile","tag-mobile-device-management","tag-security","tag-small-and-medium-business"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/20201","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=20201"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/20201\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=20201"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=20201"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=20201"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}