At this week’s Jamf Nation User Conference, Brad Anderson, corporate vice president, Microsoft, today demonstrated Jamf’s integrated solution with Microsoft Enterprise Mobility + Security (EMS), which provides automated compliance management for Mac devices accessing applications set up with Azure AD authentication.
“Organizations are often overexposed today. More and more, corporations have Mac devices, but they aren’t necessarily managed,” said Joe Bloom, product manager, Jamf. “Further, leveraging only traditional login methods makes it hard for organizations to ensure that all of the data and email passing through Office 365 or other corporate applications is indeed secured. With Microsoft EMS and Jamf Mac management, organizations can validate user credentials, while also confirming a Mac is managed and compliant before granting access.”
Together, Jamf, which specializes in Apple device management, and EMS prevent an authorized user from using a personal Mac, an unmanaged Mac or a managed corporate Mac that is not compliant with security policies and therefore is more vulnerable to security threats. Jamf and EMS address this by requiring the user to register devices they want to use to access applications connected to Azure AD, including Office 365.
First, compliance criteria is established in Intune, and then the criteria is measured on the Mac device by Jamf. The device information collected by Jamf is then sent to Intune. Finally, Intune computes the device’s compliance state and feeds the status into Azure AD for Conditional Access policy evaluation. If the device is not in compliance, a notification is sent to the user, requiring remediation in Jamf Self Service.
This integrated solution will be available in late 2017. Talk with your Microsoft or Jamf account executive to find out more about how to leverage this to secure your organization or register for the public beta, by visiting Jamf Nation.