Implementing JAMF to Support Apple Mac Devices in a Traditional Microsoft Estate

Implementing JAMF to Support Apple Mac Devices in a Traditional Microsoft Estate
Supporting Apple Devices in a Traditional Microsoft Estate

APPtechnology was approached by one of our customers, a global consultancy that was in the process of integrating a company that was Mac-based into their principally Microsoft environment.  

Challenge

To ensure that controls, processes, and procedures were in place to support the ongoing management of the Mac devices. This included ensuring there was an automated standard build, application deployments, security patching and device management.

The current IT setup for the customer utilised Microsoft Endpoint Configuration Manager (MECM) to manage the Microsoft estate as well as IOS and Android devices. It was not felt that MECM would cater for the level of holistic management that would be required for the Mac users that were integrating into the organisation. Therefore, the decision was made to setup a cloud-based instance of JAMF Pro to provide the Mac Management for the enterprise, which addressed the following requirements: -

  1. Device Management: The customer needed a robust platform in place that could handle the end-to-end lifecycle and management of Mac devices in the estate.
  2. Security Risks: Without proper management, Macs were at risk of security vulnerabilities and data breaches, as they were not integrated into the existing security protocols. 
  3. Compliance: The solution needed to meet regulatory compliance requirements, including ensuring all Mac devices were well-managed and auditable. 
  4. Applications: The solution needed to provide a seamless way for users to be able to get Mac applications deployed to their devices. 
  5. Out of the Box experience: The solution needed to deliver a consistent process for provisioning Mac devices to ensure a positive end user experience. 

Solution

To address these challenges, APPtechnology worked with our customer to implement JAMF Pro, a comprehensive Apple device management solution. The implementation process followed these key steps: 

JAMF Pro Deployment:

  • A cloud based instance of JAMF Pro was setup to facilitate the global reach required for the management console.
  • JAMF enrolment was automated utilising a Device Enrolment Program through Apple Business Manager

Configuration and Policies: 

  • Created standardized configuration profiles and policies for Mac devices to ensure consistency. 
  • Created a Pre-Stage Enrolment profile containing all required configuration profiles, polices and apps required for streamlined out of box user experience.
  • Automated software deployment, updates, and patch management were established. 

Integration: 

  • Integration with existing Microsoft systems, including Active Directory, was achieved to maintain a unified user directory. 
  • Deployed JAMF Connect with Single Sign On configuration to existing Azure Active Directory estate to allow users to authenticate with existing credentials.
  • Connected JAMF Pro tenant with existing Microsoft Endpoint Manager tenant to extend Device Compliance policies already in place in MEM.

Security Enhancements: 

  • Security policies were implemented to ensure Mac devices complied with corporate security standards. 
  • Connected JAMF Pro tenant with existing Microsoft Endpoint Manager tenant to extend Azure Conditional Access policies to the Mac devices.
  • Remote wipe capabilities were established to protect data in case of loss or theft. 

Compliance Assurance: 

  • Regular audits were conducted to ensure all Mac devices remained compliant with regulatory requirements. 

Results

The implementation of JAMF Pro yielded several significant results: 

  1. Streamlined Mac Management & Deployment: IT staff reported a significant reduction in the time required for Mac device management, resulting in increased productivity. 
  2. Improved Security: Mac devices were brought into compliance with corporate security standards, reducing the organization's exposure to security risks. 
  3. Enhanced User Experience: Employees using Macs reported an improved user experience, with easy access to applications and updates through JAMF Self-Service. 
  4. Regulatory Compliance: The organization was able to maintain compliance with regulatory requirements for device management. 

Conclusion

With close collaboration, JAMF Pro successfully addressed the challenges posed by the introduction of Mac devices in a traditionally Microsoft-focused environment.  If you are looking at how to add Mac management to your estate APPtechnology can help you select and implement the best approach based on your requirements.

 

Photo by Daniel Korpai on Unsplash

Services:

X