Manage Apple devices with Jamf Pro MDM

Robert Jeziorski | Apple for business | 04.07.2022

The challenge: bring the legendary Apple experience to business

The financial results of the tycoon from Cupertino confirm the ongoing interest in Apple products in business. Apple sold more than 6.7 million computers in the first quarter of 2021, which resulted in sales growth of 111% year over year. At the end of 2021, Apple reached a record-breaking sales results equaling to $124 billion, and in Q1 2022, the company reported an increase of 8% year-over-year. Apple devices are also more and more often used in business. What is the secret behind brand interest, and why is Apple so popular? The appealing design, technical features, operating systems stability, longevity and performance resulted in better user experience – all that convinces millions of users to use these devices.

Organizations succeed with Apple devices

Today, choosing Apple devices in companies means more than prestige. Businesses purchase equipment for their employees wisely. Quality and performance, as well as option to use the tools for a long time (and thus save money!) are decisive factors. Macs run smoothly oover 4 years on average, whereas devices with other systems – 2 times shorter. An additional factor is the battery life of Macs. Users can use Macs for several hours (even more than 16 hours). That is very vital aspect in bu business. There is an anecdote relating to the battery life of Macbooks stating that even some Apple employees were surprised by its performance and initially suspected… a battery indicator failure!

Why use MDM – Mobile Device Management for Apple devices

Good equipment is not everything. You also need an efficient and reliable management technology. While searching for management solution, you probably have encountered the below terms:

• Mobile Device Management (MDM) – a platform to manage all device functions. It allows IT administrators to control the device and its security.
• Enterprise Mobility Management (EMM) is a system of policies, practices, and tools used to manage and protect data on enterprise mobile devices.

MDM or EMM systems automate device management and thus significantly improve IT infrastructure management activities by providing analytical data to IT administrators. They allow for cost and time savings. 

Even with a few Apple devices in the company, it’s worth investing in MDM / EMM tool. The IT department will be able to monitor devices and empower end users offering them better UX. From many solutions available on the market, Jamf Pro can boast the largest administrator community.

What is Jamf Pro?

Jamf Pro is a powerful tool for MacOS and iOS devices management that allows you to connect various systems, including devices, identities, applications, and virtualization, to create a digital workplace.

Jamf Pro is a dedicated solution for the Apple ecosystem. Jamf Pro tool offers full support and is always ready to manage the latest versions of iOS and macOS. Jamf Pro is also the best ranked and preferred solution in its class. The simple user interface and comprehensive features ensure that Macs are fully integrated into the business environment.

Jamf Pro capabilities

• Remote registration, configuration, and direct delivery of the device to the user with the zero-touch approach, enabled by Apple Business Manager, which effectively relieves the IT department. 
• Management of multiple devices, including creating configuration profiles, device groups, and advanced workflows.
• Preconfiguring the apps available to the user, both the required installation on first setup and the app store apps you can download yourself.
• Remote management of native security features and configuration settings for all devices allow you to ensure a high level of safety.
• Define your own attributes with monitoring tools for administrators. Jamf Pro also uses smart groups based on parameters and values obtained when scanning the computer. Remote commands, configuration profiles or applications can be assigned to these groups, which simplifies management and updates the content of the groups dynamically.

Why use Jamf Pro?

Zero-day support

Apple provides regular software updates to Macbook and iPhone users, and Jamf Pro has been providing support on the day of the new system release for years. Updates are available one day after the new macOS or iOS release and can be installed on your company’s devices – without having to worry about compatibility with other apps and business systems.

Zero-Touch Deployment

With the Apple Device Enrollment Program, it is possible to remotely register, configure, and deliver the device directly to the end user in a zero-touch approach. It means that the dvice is practically ready to use immediately after unpackacging. All relevant configurations and settings are automatically installed at the first device start-up. That significantly relieves the IT department.

Device management

Jamf Pro provides advanced multi-device management, including crearing of configuration profiles, device groups, and advanced workflows.

Inventory

Jamf Pro provides tools for inventorying hardware and software. Automatic reports and alerts support managing hardware, software, licenses and configuration catalog.

Managing applications

With Jamf Pro, you can not only configure system settings, but also pre-configure the available apps that you need to install the first time you start, or which you can download yourself from the App Store.

Self-service

In addition to the app store, you also have access to an update center and repair tools. This makes you independent of IT support. With remote teams, only a few people can leave their computers to the IT department if something doesn’t work anymore or a program or update needs istallation. It can be a matter of an hour, but often you have to leave the equipment for a couple of days, which is more problematic. Self-service enables users to solve many of the most common problems.

Safety

With Jamf Pro, you can remotely manage native security features and settings for all devices, ensuring a high level of security.

Equipment monitoring

The monitoring tools allow administrators to define their own attributes. Jamf Pro also utilizes asmart groups based on parameters and values obtained when scanning the computer.

Jamf Pro API

Jamf Pro also provides an API that allows you to create solutions not included in the admin interface (e.g., advanced capabilities for collecting information or creating reports).

Privacy of users

On iOS devices, Jamf Pro allows you to separate the apps you use at work from private apps to prevent data flow between them.

Integration with Windows

The system integrates seamlessly with Microsoft Intune or Microsoft System Center Configuration Manager (SCCM), making all your company’s Mac and PC devices compatible.

JAMF PRO MANAGED SERVICES

Examples of Jamf Pro system implementation

The Jamf Pro enterprise mobility management system has features that allow it to meet the everyday challenges faced by clients.

Below are some examples of the implementation of the Jamf Pro system and clients’ use of its functionalities, which made it possible to solve the most urgent problems, improve the functioning of the company, and achieve additional business benefits.

SCOPE OF JAMF PRO MANAGED SERVICES

System maintenance

We ensure stable access to the entire functionality of Jamf Pro, which ensures that devices are able to maintain a high level of performance.

Management & deployment solutions

• We develop and implement dedicated configurations and applications, which enable users to achieve business goals utilizing the full potential of Apple devices.
• Comprehensive servicing
• We provide support in terms of system monitoring and troubleshooting related to problems detected.

Detailed audit and documentation

Our experts undertake an in-depth examination of Apple-based infrastructure, which allows them to determine the right pathway for development.

Technical and service support

In accordance with the SLA, we offer support in troubleshooting technical issues.

Security audits and security policy management

We undertake an analysis of security policy and implement the best standards that ensure the security of both company and user data.

Management of new starters/leavers

From the first to the last day of work, we take care of device readiness as well as ensuring an efficient device migration process between users.

Advanced technical support

We offer support for the client’s administrators in the framework of 2nd and 3rd degree escalation for Jamf Pro and the integration of Apple devices with other environments.

Professional support of macOS administrators

Benefit from the knowledge and skills of certified macOS administrators from JCommerce.

EXPERTS IN APPLE DEVICE MANAGEMENT

JCommerce’s macOS administrators have experience in implementing Apple devices at global corporations, and the number of macOS devices which they administer by means of the Jamf Pro system is in excess of 30,000.

Our experience is based on cooperation with clients from demanding industries such as banking, insurance, multimedia and press agencies. We not only offer the Jamf system, but also utilize it ourselves.

Examples of system implementation

In the presented case studies, we describe situations in which our customers struggled with outdated software, problems with antivirus software, troublesome device encryption and difficulties with implementing new devices and lack of control over their status.

#1 Outdated software

A financial services company had a problem with outdated software on their employees’ Apple devices. For security reasons, employees had standard user accounts, and lacked the option of installing and updating the software themselves. All such tasks had to be carried out by the IT department.

Solution

We proposed that the client make use of the following functions of the Jamf Pro enterprise mobility management system:

• Self-Service – delivering applications, as well as updating them through the company’s app store.
•  Patch management – updates can be fully managed by administrators, thanks to which an update can be carried out automatically in the background or be voluntarily installed by the user, depending on its priority status.

An advantage of this solution is the ability to seamlessly install applications on user devices, as well as manage upgrades. The installation process itself is intuitive, and so does not require the user to have technical knowledge. The application is ready to function immediately after installation. It is also possible to provide a license, and to remove it at any time.

Benefits of Jamf Pro implementation

System updates can be blocked and implemented in the client’s environment in certain situations when everything is completely prepared. This is important because some applications may not be compatible with the new version of the system. To avoid this, a series of tests is carried out to eliminate problems for the user.

This allows users to eliminate the risk of compatibility issues after upgrades, which may even lead to the system’s complete inability to reboot in extreme cases. Full control over the updating process also eliminates the risk of installing a modified update with malicious code in the event of the software provider’s update servers being hacked.

Additional benefits:

• the possibility of global application management,
•  improving security,
•  eliminating a number of compatibility problems,
•  significantly reducing the number of failures,
•  savings in the IT department due to the reduced number of tasks,
•  an increase in the level of user satisfaction.

#2 Problems with antivirus software

An international company had a centrally managed antivirus system, which was nonetheless divided into many servers and configurations due to differences between geographic regions. Each user had to choose the right software with the suitable configuration, leading to cases of poorly chosen configuration or even a lack of antivirus software on the devices.

Solution

We proposed that the customer eliminate the need for manual configuration on devices by automating the software installation process. Scripts carried out directly on the user’s device were implemented, which made it possible to identify the appropriate local server and choose the correct software configuration.

Benefits of Jamf Pro implementation

Thanks to the complete automation of the process, all devices at the company were fitted out with current antivirus software with the appropriate configuration for the given location.

Additional benefits:

• automation of the installation and configuration of antivirus software,
• the ability to monitor the security of devices,
• remote, automated management of updates,
• eliminating the risks associated with a lack of anti-virus protection on user devices.

#3 Problematic device encryption

The client’s security policy required disk encryption on employees’ computers. Encryption was carried out by the IT department before handing the computer over to the employee. During the manual configuration process, the user’s account was added to the list of those authorized to unblock / decrypt the disk. The ‘spare key’ generated in this process was transferred to an internal, secure database by the IT department.

After the departure of one of the key employees of the company, it turned out that there was an urgent need to access data on his computer, but the attempt to decrypt the disk with the saved key failed. As a result of human error, the key was incorrectly entered into the database, making it impossible to access the data on the computer. During the implementation of the device management system, the client particularly emphasized the need to eliminate the risk of such a situation occurring again in the future.

Solution

The Jamf Pro system was used to automate the process of transferring the recovery key directly from the encrypted computer to the management system.

Benefits of Jamf Pro implementation

The system was configured in such a way as to regularly verify the ability of the backup key to decrypt the disk, and the event log provides information about authorized users who attempt to read the key. In the event of any incompatibilities, it is possible to remotely update the recovery key on the computer and synchronize it with the management system.

Additional benefits:

• access to all encrypted devices within the organization,
•  remote, fully automated encryption management,
•  the possibility of periodic verification of encryption keys on all devices.

#4 Difficulties in implementing new devices

A company from the media industry, whose employees were scattered around the world, had a device management system which was only available on the company’s network through a VPN. That solution meant that each new device had to be configured by the IT department, and significantly limited the subsequent possibilities for managing employees’ devices, some of which were essentially in the field on a permanent basis.

Solution

The migration of the system to the cloud and integration with Apple’s Device Enrollment Program turned out to be the optimal solution.

Benefits of Jamf Pro implementation

The migration of the system not only broadened the possibilities for device management regardless of where they were physically located, but also enabled the issuing of new devices directly from the supplier to employees working in the field (bypassing the local IT department), which significantly shortened this process and reduced costs.

Additional benefits:

• the ability to manage devices regardless of location,
•  increased control,
•  shorter delivery process for new equipment,
•  lower IT costs.

#5 Lack of control over the state of devices

At a company with a large number of Mac computers, the IT staff were responsible for preparing and managing employees’ devices. However, when the company started to develop rapidly, it quickly turned out that the department was insufficiently equipped to manage the growing number of devices.

Solution

The company decided to implement the Jamf Pro mobility management system, which helped it drastically reduce the workload and costs of the IT department. This was achieved by automating almost all processes related to preparing equipment for employees.

After the system was implemented, it turned out that the client was particularly pleased with the possibility of advanced reports on the status of devices.

Benefits of Jamf Pro implementation

Thanks to monitoring of the installed applications and the current version in use, the usage and technical condition of mass storage, system settings, as well as unique criteria implemented at the company’s request among others, it is possible to generate advanced reports which help the company to understand its employees’ equipment needs better. The conclusions drawn from the reports lead to the optimization of numerous internal processes, and facilitate more informed choices of applications and licensing methods, as well as the proactive verification of the technical condition of devices and monitoring of security.

Additional benefits:

• automation of the process of implementing new devices and management,
•  monitoring the status of devices and how they are used by employees,
•  process optimization,
•  the selection of applications and licenses that best meet the expectations of users,
•  employee satisfaction,
•  lower IT costs.

The latest articles on Apple in business

CONTACT US!

Jamf Solutions – Why do customers choose JCommerce?

• The high-end hardware and the MDM system require an additional factor, namely the implementation, support and administration services in the managed services model. Many companies interested in business management services choose JCommerce, the golden partner and integrator of Jamf solutions, because:
• He has know-how backed by project experience – JCommerce’s clients include both the largest companies in Poland and abroad, and the volume of managed computers is more than 30,000 devices. It’s the know-how and experience of JCommerce experts that drive customers to choose Apple Support and Device Management with our help.
• It is part of the Apple Consultants Network – companies applying for ACN go through a multi-stage verification process. The ACN title confirms the high level of competence of the administrators and guarantees access to the knowledge of the administrators of ACN companies.
• Our experts knowledge and experience are supported by certifications – Apple administrators from JCommerce have the necessary Jamfa certifications and the Apple Consultants Network.

Within the scope of the services we offer:

• Checking your infrastructure
• Integration of Jamf Pro into existing infrastructures (LDAP, SSO, CA, InTune, Office 365)
• Providing new equipment
• Management of system applications and updates
• Security configuration (CIS benchmark)
• Ongoing Jamf Pro system management and app service
• Monitoring and reporting of environmental anomalies
• Training for customer administrators

Conclusion

Outsourcing Apple Device Management Services brings anumber of extra benefits. 

Apple devices are more than just prestige in the company – they mean safety and stability and give you option to choose a work tool that can become an advantage to attract the best employees. Using Macs in the enterprise often follows the need to employ a state-of-the-art MDM-class solution. Managed services are helpful in that matter, especially in companies operating in sensitive sectors (such as the banking and aviation or government organizations what now also use MDM without hesitation).

This solution is more cost-effective than setting up a separate Apple device administrator in the enterprise, ensures continuity of services, and constantly improves the skills of the experts without incurring additional costs. Apple devices, the Jamf Pro system, and the support of JCommerce experts can drive your business forward.

Also read:

• Jamf Protect
• Jamf Connect

Contact us and learn more about Apple in business!