With the lower Total Cost of Ownership of a Mac when compared to PCs and a surging preference from staff to use Apple devices, there has never been a better time to adopt them in the workplace.
Whilst Macs are secure straight out of the box thanks to macOS, using them for work requires applying due diligence in terms of protecting both their sensitive data and your wider network from outside threats. Despite this need, there has never been a Mac-exclusive EPP (Endpoint Protection Platform) solution until now. This is where Jamf Protect uniquely shines, and this post will explore how it can help secure your organisation’s Mac fleet.
Because Jamf Protect is built exclusively for macOS, it is uniquely positioned to support every new version of the OS day-and-date from launch. IT admins no longer have to choose between running an older OS (therefore missing out on new features and security enhancements) for several months or upgrading and breaking compatibility with their EPP solution. This exclusivity also enables Jamf Protect to fully leverage Apple’s inbuilt security frameworks, ensuring best-in-class performance with only a minimal impact to the client Mac.
Jamf Protect is backed by Jamf’s in-house Threat Labs team and their diligent research. In 2021, this group made headlines when they discovered and analysed two major vulnerabilities in macOS - quickly patched by Apple following Jamf’s report - which were actively being exploited by ‘Shlayer’ and ‘XCSSET’ malware. Only a few weeks ago, the team also ensured that Jamf Protect discovered and blocked the now high-profile 'DazzleSpy' backdoor.
This team combine their own, leading research with established third-party malware lists, to ensure that your Mac fleet is continually protected from the very latest threats, once Jamf Protect is running.
Jamf Protect will prevent and quarantine known Mac malware all by itself. However, if you use Jamf Pro to manage your Apple estate or are a member of our BusinessClass managed service, Jamf Protect can neatly integrate into it and open up powerful options for advanced remediation. As examples, you could:
For security teams wanting a ‘single pane of glass’ insight across their entire IT fleet, Jamf Protect offers the ability to forward alerts to many third-party SIEMs - including the popular Azure Sentinel (now renamed as Microsoft Sentinel). The Sentinel integration runs even deeper, allowing it to run its own remediation policies (based on Mac security data that is automatically synced from Jamf Protect) if desired.
Benchmark your Mac fleet against CIS metrics that are relevant to your business to see an at-a-glance view of your Mac estate’s compliance. These internationally-recognised benchmarks are increasingly employed by organisations of all sizes to evaluate their IT defences against cyberattacks, as highly-compliant devices ensure an excellent first line of prevention against threats. A growing list of security recommendations from Jamf are also included and can be measured against or alongside the CIS benchmarks if that is preferred.
Available as a cost-effective Bolt-On to our managed service customers, we can handle every aspect of Jamf Protect for you from installation, benchmarking, advanced remediation via your managed Jamf Pro instance and malware definition updates. Leave the complexity to our team of Apple and Jamf certified experts so that you can simply focus on getting things done using your Macs - with total peace of mind.
To see how we can help you both secure and get the most out of your Apple estate without the fuss, give our friendly team a call on 0115 985 1797 or email us at info@krcs.co.uk