Jamf extending key functionality to latest Apple releases
Jamf has announced it is prepared to support and extend key functionality in Apple's macOS Ventura and iPadOS 16 release, which is now generally available.
"With the rise of security vulnerabilities and threats on older operating systems, same-day support has never been more important," says Nick Amundsen, Strategy Senior Vice President, Jamf.
"We are proud to deliver yet another year of same-day support for all of Apple's latest operating systems, including macOS Ventura.
"Our customers have the unique ability to get access to Apple's new OS features today while having the confidence to know their data is protected and secured."
Jamf's support for macOS Ventura and iPadOS 16 comes after the company's same-day support for iOS 16 that was released in September, providing consistent and reliable support that enables organisations to implement immediate upgrades if or when they would like to.
Jamf ensures compatibility for all of Apple's latest releases through extensive testing in the company's beta releases throughout its entire solution portfolio, including macOS Ventura.
macOS Ventura provides features that will assist enterprises with improved device management and institutional security enhancements for Mac.
New updates with macOS Ventura include Declarative Device Management (DDM), Platform Single Sign-On and Rapid Security Response.
Declarative Device Management
DDM is a protocol where the device's configuration can dynamically adapt to the device's state without checking in with the Jamf server.
Prior to this capability, MDM has been a reactive management approach where a device enrols, profiles down to define the desired state of the device and the device then reports back its status.
At this point, the server needs confirmation of a device's state and any necessary actions to take. Going between these requirements slows down the management server.
Apple unveiled Declarative Device Management for mobile devices at WWDC 2021, and the company has extended its new capability to all platforms, including Mac, across all enrolment types, resulting in status check-ins that are more proactive and go directly to the server rather than having to wait for a response.
This affords greater accuracy of device information and faster reporting, allowing policies to be applied more quickly to better maintain a device's desired state and means that servers are more lightweight.
Further, IT teams feel more confident that a device will be in its expected state.
Declarative Device Management is available for Jamf Pro customers today and will be available for all of the company's customers soon.
Platform Single Sign-On Extension
Apple has unveiled a new framework built for cloud identity providers in macOS Ventura, simplifying access to cloud services for users.
The Platform Single Sign-On Extension (PSSOe) builds on the SSOe configuration profile by joining the local user account on a Mac to the Single Sign-On application. From the macOS login window, the user only needs to provide their cloud identity provider (IdP) password to unlock that Mac.
After the user has successfully logged in, the local account password is kept in sync with the cloud identity password, meaning users can access any resources gated by the IdP and the SSOe app without additional password prompts. This fosters greater productivity by minimising how often a user is required to log in.
However, for users to receive the complete benefit of PSSOe, a local user account has to be created on the Mac. Jamf Connect can create this first user account as well as any additional user accounts needed and can enforce linking that local account to the identity provider credentials.
Following this, the PSSOe can attach itself to the local user account and seamlessly log juicers into their organisation's IdP-gated tools and resources. Jamf Pro is ready with the necessary payloads whenever cloud identity providers support Platform Single Sign-On.
Rapid Security Response for macOS Ventura
Rapid Security Response for macOS Ventura introduces a new mechanism to ship security fixes to users more frequently in order to improve endpoint protection and ensure devices and data remain protected from vulnerabilities.
Jamf notes that through this offering, security and IT teams can be assured that vital security updates are getting to users and devices quickly to tighten protocols throughout their enterprise.
New configuration keys have also been added to allow this mechanism to be disabled by a business or disallow users from reverting or uninstalling a Rapid Security Response update.
Jamf Pro 10.42 includes support for these keys in the Restrictions payload, allowing admins to manage Rapid Security Response settings on computers and devices.