Alice Chambers
The concept of zero trust, though not new, is often poorly understood and inconsistently applied across organisations. Henry Patel, chief strategy officer at Jamf, says successful zero-trust strategies should result in only authorised users on enrolled devices, which are secure and compliant, accessing sensitive data.
“Many companies recognise the importance of integrating device management, automation, secured endpoints, threat prevention and verified user access,” he says. “However, they often struggle to connect these components cohesively. This leads to a fragmented security infrastructure with products from multiple vendors that don’t always work well together, causing security gaps, misconfigurations and a frustrating user experience.” Offering solutions that are adaptable, that can be tailored and that scale along with business growth is key.
Jamf’s answer is what it calls Trusted Access – a vision that combines device management, identity and access management, and endpoint security.
“Trusted Access offers a non-linear maturity model that allows organisations to gradually establish more trust over time and at their own pace, based upon their unique needs and priorities,” says Patel. “This approach provides a flexible path for firms to build a robust zero-trust strategy without the pitfalls of a patchwork security system.”
The solution was purpose-built for Apple devices, so Jamf’s collaboration with Microsoft is crucial both for its integration with Microsoft Security and for ensuring that Apple devices in Microsoft-centric organisations are effectively secured.
Jamf’s Trusted Access vision helps Microsoft-based organisations manage and secure Apple devices
“The integration with Microsoft Sentinel allows joint customers to filter and forward relevant endpoint telemetry and network data from Jamf Protect, our endpoint security solution purpose-built for Apple, to Microsoft Sentinel,” says Patel. “This provides a streamlined workflow for administrators to monitor and respond to security incidents quickly.
“Our most recent collaboration with Microsoft was about bridging the gap between IT and security. Jamf’s plugin for Microsoft Copilot for Security allows instant insight into device inventory data. This is important because security analysts often do not have the time to reach out to IT and investigate an affected device. Our new partnership with Microsoft allows us to provide this integrated solution entirely hosted on the Azure cloud.”
A common concern among organisations is the impact of security measures on the overall user experience.
“There is a misconception that implementing security controls will negatively impact the end-user experience,” says Patel. “This is particularly evident when firms try to secure Apple devices with tools that were built for Microsoft Windows, an ecosystem that is so different from Apple that it only leaves a small common denominator that can be effectively secured, leading not only to gaps in security but also to a poor end-user experience.”
However, Jamf’s security solutions are specifically built by Apple experts who understand the intricacies of Apple’s operating system and security framework. By leveraging native Apple technologies like the Endpoint Security API, On Device Content Filtering and Network Relay, Jamf ensures that security controls are robust without compromising the seamless user experience that users have come to expect from Apple.
The challenge of protecting enterprise data becomes even more complex when employees use mobile devices, such as phones and tablets, to access corporate systems. “Sadly, mobile devices are often overlooked when creating a security strategy,” says Patel. “These devices, which contain the same sensitive data as Macs, are attractive targets for malicious actors.”
To counter this, Patel advocates for a comprehensive mobile threat protection strategy that includes web filtering and secure connectivity within a zero-trust framework. “Only this will harden the endpoint sufficiently to protect against today’s threat landscape,” he emphasises.
In addition to protecting mobile devices, organisations must also balance security with employee privacy, especially for bring your own device (BYOD) policies. Patel acknowledges that many BYOD solutions have been “great in concept, but flawed in practice”. The challenge lies in ensuring that corporate data is secured without infringing on personal privacy. Jamf addresses this by offering mobile application management rather than full device management, which Patel describes as “too invasive for personal devices”. By securing specific apps without accessing personal data, Jamf’s approach allows IT admins to manage corporate data without compromising user privacy.
Discover more insights like this in the Autumn 2024 issue of Technology Record.