A Fortune 500 company and cloud-based service for hundreds of millions of users. It allows users to store a certain volume of data for free and share personal data across devices.
As Apple devices have been gradually increasing, and the IT department encounters bottleneck in serving users, such as：software installation, system configuration, network settings, account creation, permission modification. These devices cannot be managed as easily as Windows in AD domain environment.
Therefore, the client needed to seek an excellent Mac management solution. Since their main business is to operate the cloud service data center of well-known enterprises, data security is also a key consideration for the security department in device management.
After screening the MDM products, the customer decided to test Jamf Pro. We provided a test environment for the customer after understanding the customer’s requirements, and started testing from various aspects of device lifecycle management, such as device initialization, software push, system upgrade, account management, security settings, self-service, etc.
In terms of account management, considering that the customer uses Office 365 service, we also recommended Jamf Connect to the customer to implement Mac terminal authentication, and by integrating Azure AD into Jamf Pro, users can use their O365 accounts for Mac device self-enroll, and distribute policies based on Azure AD users and groups.
After testing, IT and security teams found that Jamf Pro + Jamf Connect was a very effective solution for managing devices. The customer decided to deploy the servers in Azure Cloud with multi-server load-balanced deployment after reasonable planning at our suggestion, taking into account the access and high reliability needs of all branch offices, including remote office staff, given that there are branch offices in numerous cities.
Staying ahead of the curve
The user’s new computer no longer requires IT staffs to perform pre-configuration when the deployment is finished and the user’s device is managed. Following pickup, user devices are automatically managed in a few easy steps, including generating accounts, logging in, and obtaining enterprise applications and configurations, producing a deployment that allows a true zero-touch deployment.
Jamf Pro and Jamf Connect has a range of features that are very straightforward in terms of improving security and efficiency throughout the organization.
- Forcing the disk encryption on and escrow the recovery keys.
- Disabling the Activation Lock to prevent devices cannot be re-activated after the employee quit.
- Office 365 passwords remaining the same as computer login passwords, thereby reducing the number of users experiencing forgotten passwords.
- software and settings being distributed only to those who need them.
- monitoring device health and exporting reports.
- step-by-step guidance for employees to resolve common problems.
- Restrictive management processes that empower employees but do not overwhelm them with responsibility.
With a simple remote command to restore a departing employee’s device, Mac devices can be easily controlled by the enterprise from the time they are put into service until they are retired.
With the introduction of Jamf Pro, the enterprise mobile management tool and cloud identity solution, IT teams are able to shift their focus to a larger scale rollout of devices and software, which will also ensure the security of employees and customers.
Deployment and Provisioning:
- Zero-touch enrollment
- User-initiated enrollment
- Configuration profiles
- Self service