Welcoming a raucous commercial audience to day two of the 2019 Jamf Nation User Conference (JNUC), Dave Alampi, Chief Marketing Officer at Jamf, started off by retiring the exciting announcements from yesterday’s opening keynote:
- Embracing and extending new Apple technology like User Enrollment, Enrollment Customization, single sign-on, new configuration profiles – including the new O365 profile. As well as the ability to manage Jamf Connect settings right within Jamf Pro.
- Jamf Connect is completely streamlining the user experience when it comes to provisioning and signing into and gaining access to corporate resources with a single identity – with specific announcements around Jamf Connect for mobile and Passwordless Authentication to both a Mac AND a PC using an iPhone.
- Jamf Protect, purpose-built Mac endpoint protection to offer on-device analysis of macOS activity to create customized telemetry that gives enterprise security teams unparalleled visibility into their macOS fleet and the ability to respond and block identified threats.
And all of this was presented in the context of two deeply held beliefs we have at Jamf:
- Those who choose Mac should be empowered to use Mac AND…
- Those who choose Apple should get the very best of Apple
Those who choose Mac should be empowered to use Mac
“We are not saying companies must purchase Mac for all their employees or that Mac should be forced on people who prefer a PC,” said Alampi. However, as attendees heard yesterday from IBM CIO, Fletcher Previn, Mac has shown not only to improve IT efficiency and increase total cost savings, but also Mac users at IBM are typically higher performers, have higher employee satisfaction and are more likely to stay at IBM.
There’s no doubt IBM, Previn and his team were pioneers for Mac-choice programs. They inspired many companies to look hard at offering choice for both bottom-line and top-line reasons. With this inspiration, big companies, small companies, tech-based companies and non tech-based companies are offering choice… companies like GOAT, True Manufacturing, Cirrus Logic, Money Forward, DeNA, Scania and more than 75 other customers in our Jamf Heroes advocacy program just to name a few.
Jamf Protect provides more incentive to offer Mac
Dave McIntyre, Chief Information Technology Officer at Build America Mutual, joined Senior Jamf Product Manager, Andrew Medearis, to discuss why Build America Mutual is a Mac organization and how they can use a smaller IT to support their Macs (as opposed to PCs).
He specified that all 85 employees at Build America Mutual use Mac.
“IT began with a 10% focus on cyber security, now it’s 60%,” said McIntyre. “Using Jamf Protect (formerly Digita Security) makes me feel pretty smart.”
McIntyre understands that some of the biggest security risks are due to patches, configurations and random bad plugins, and admitted that they originally thought leveraging Apple’s native features was “best security.” So, they turned to Jamf Protect to:
- Gain better visibility in security and security threats
- Identify bad actors on the Mac endpoint (even if they weren’t able to pinpoint how it infected the endpoint)
- Determine low performance hits machines were taking (unlike the Windows virus detection software the team had been leveraging)
- Inspect any and all security alerts and take action
Jamf and Microsoft partnership make Mac and Office 365 work in perfect harmony
“No partner is more strategic than this one,” said Alampi. And with that, he welcomed Brad Anderson, Corporate Vice President at Microsoft and Jason Wudi, Chief Strategist at Jamf to the stage.
The Jamf and Microsoft solutions is where “identity meets device meets app to empower users and make sure it’s secure,” said Anderson.
Anderson went on to discuss ‘device compliance’ and how that phrase can have different meanings to different organizations. With the Jamf and Microsoft integration, you can set the parameters and enforce them.
“We are one of the largest Mac organizations on the planet,” said Anderson. “You bring in what Jamf Pro attributes for Mac data into Microsoft Endpoint Manager and you have a complete solution.”
The conversation next transitioned to Microsoft Azure Cloud. With Jamf Pro Connect for Power BI (available in 2020), you can take Microsoft Cloud data and move it into an environment where you can view and slice in any way you want. With Jamf Pro Connect for Power BI, organizations will be able to leverage their Microsoft environment to view analytics on a more granular level.
The fact that Microsoft Office 365 is a per user license where a person can leverage up to 15 different devices, leveraging identity to access across an array of devices is important for organizational and user success.
With Jamf Connect for mobile, an iPhone can be used to sign into Microsoft Azure on a PC or Mac and gain instant access to the appropriate resource. For PC users, they are signed into Azure which then allows them to sign into their Windows laptop.
So, whether offering a Mac-choice program or not, this feature can be used to streamline identity and login.
Those who choose Apple get the best Apple experience
Shifting gears, Josh Jagdfeld, Director, Alliances at Jamf, discussed new ways to improve productivity and reimagine workflows to streamline Apple initiatives.
“With a unique blend of hardware, software, services, partners and integrations, there are endless possibilities about where this ecosystem can help to modernize legacy workflows or create entirely new use cases that were never possible before,” said Jagdfeld.
For those who attended JNUC 2018, they heard the SAP IT Services team introduce their new Apple Center of Excellence initiative. This initiative uniquely pulled apart the traditional IT concept of managing mobility and endpoints in separate teams – and instead focused on managing ecosystems with discrete teams, tools, and ultimately, strategies.
At the beginning of this journey, SAP enrolled 17,000 Macs into Jamf Pro and migrated 83,000 iOS devices from their in-house MDM solution into Jamf Pro. Well, the project has continued since then, and Martin Lang, VP IT Services Enterprise Mobility at SAP joined Jagdfeld to discuss.
Apple at SAP: Embracing Jamf Cloud
SAP kicked off the migration in February and it took six months to get all devices migrated to Jamf Pro, this was all done while employees remained fully productive. Migration went so well — a miniscule 1% incident rate — SAP decided to move their Mac device to Jamf Cloud, from Jamf Pro on-premises.
“We embrace the cloud at SAP, a lot of our products are cloud-based,” said Lang. “The scale was never a problem; the system went super smooth.”
This process forced SAP to refocus attention from IT to the user. This change in mentality has helped:
- Increase user productivity
- Create a natural focus on how users are using their devices
- Shift IT from cost-center to business value driver
- Change IT from infrastructure to application management
The SAP team has spent a lot of time developing not only iOS and macOS native apps for end-users to help them do their jobs, but also IT-enhancing workflow apps to help serve end users better.
“We have so many different roles across the organization who rely on apps to do their jobs every day,” said Lang. “It is pretty amazing to look at that usage data and better understand how our users are using their devices.”
Using the iOS assist app, Lang even asked Siri how many devices SAP is managing!
To learn more on ways SAP is succeeding with Apple and Jamf, read the SAP case study.
Enterprise infrastructure is complex
Giving employees a choice in work hardware can be a real productivity driver. Jamf has also learned through experience that there can still be roadblocks when people choose an Apple device and then have to integrate with complex infrastructure, services or enterprise applications to get their work done. In a Jamf study, we learned a few issues are persistent:
- Network and connectivity issues: 50%
- Login and credential issues: 31%
These problems can leave users locked out of their accounts if they’ve lost their password or can force them to use publicly available untrusted Wi-Fi networks. And in some cases, can even cause them to use unorthodox workarounds just to get their jobs done. Unfortunately, all of these scenarios can create a terrible user experience and also present significant risk to employee data, or even the company they work for.
Lee Tschetter, Solutions Architect at Okta took the stage to discuss how Jamf and Okta are elevating the security and usability factor for users and IT to alleviate these issues.
Security and usability have been a balancing act
We all share the responsibility to improve how our users seamlessly and securely connect with the enterprise infrastructure and applications that are integral to a modern workforce.
IT has gone through many phases in the past 30 years: from mass adoption of the personal computer, to widespread adoption of mobile, then the recent explosion of cloud-computing and SaaS. A tremendous amount of change in a short amount of time, with constantly evolving business requirements, security challenges and regulations.
In the past, the perspective of end users is that the IT department made the laptop run slow, they are forced to remember a dozen passwords, and IT constantly changes things for no obvious reason other than making their jobs more difficult.
From the IT department's perspective, they spend way too much time on help desk calls, manually imaging and configuring end user hardware, and dealing with the latest threats to the environment — resulting in a team that was constantly reactive and rarely able to spend time innovating.
“Thankfully, we had thought leaders like Jamf, who created new ways to streamline IT processes, and Okta, that enabled seamless, secure access to the applications we use every day,” said Tschette. “With these technologies, we started the shift from a contentious IT and business relationship to one where IT enables the business to move faster, to innovate, and to differentiate.”
Jamf + Okta for the modern workforce
“We’re taking zero trust to another level,” said Tschette. You can now integrate identity and endpoint security with Jamf Protect. And the results are:
- Critical apps are only accessed on devices known to be healthy and managed by IT
- Correlate user identity and devices; receive real-time security alerts
- Maximize your security investment across hybrid and cloud environments, regardless of complexity
- Deliver unified login experiences for end users across desktop and mobile devices
There is still work to be done, but Jamf Protect is a great example of a new opportunity to do so much more. In a zero-trust model you need continuous authentication, and the endpoint protection solution running on your laptop knows exactly what the current status is.
“The entire ecosystem needs to communicate, and Okta is leading the way in defining this new architecture. This is the zero-trust network effect that makes a huge impact. The user is still working, the business is still operating, but we are reducing risk and making intelligent decisions in real time. I believe this is the future of work,” said Tschette.
Mobile devices and apps in healthcare
Adam Mahmud, Healthcare Solution Manager at Jamf next took the stage to welcome Tim Needham, Chief Commercial Officer at PatientSafe who’s leveraging a mobility strategy to deliver a better healthcare experience.
Needham discussed the key drivers for investments in mobile:
- HIPAA compliant secure messaging
- Voice calls and message consolidation
- Critical results and alerts
The work of caring for patients in a hospital setting is incredibly collaborative work. As an example, a patient staying in a hospital for four days will expect to have an average of 50 different individuals participate in their care. Despite this complexity, most clinical employees within a hospital still manage their communication needs with a combination of legacy wireless phones, pagers, desktop phones and disruptive overhead pages. Plus, the occasional yelling down the hallway.
“Our goal is to move users off of a very scattered set of hardware and tools to a single app experience that delivers 80-90% of the functionality they need,” said Needham. “In the case of communication needs, texting, voice calling and receiving of critical alerts covers that 80-90% target.”
The Jamf and PatientSafe partnership makes this possible. Read more here.
Bringing the hospital to the home
Next, Lindsey Koshansky, VP of Clinical Innovation at Locus Health joined the stage. Locus is working to bridge the gap between hospital and home by leveraging mobile technology to remotely monitor and communicate with patients. The results include:
- Real-time data submission
- Interactive clinician dashboards
- Data reporting
- Secure photo and video transmission
- Educational content, apps and videos
- Adaptable for adult or pediatric patients
The Locus platform is an iOS-based (and iPadOS) solution delivered on an iPad to enable care at home and remote monitoring for patients when they leave the hospital.
“When we designed our platform, we prioritized ease of use,” said Koshansky. “In healthcare, removing barriers has to be priority one in engaging patients. The patients we serve and health systems we work with need the ability to transition their patients to home, monitor key data points and collect necessary information. For the clinicians we work with they need a configurable platform to adapt to their patient populations and specific patient needs.”
To ensure user privacy and to meet healthcare regulations and compliance, Locus leverages Jamf Pro and Jamf Setup.
Jamf Pro provides the ability to manage the iPads for a program and provide a secure tool. And Jamf Setup has allowed a central inventory of iPads at a hospital. Clinical teams pull a device and select their program accordingly. The iPad is then configured per the program specifications and ready for patient use.
At the end of the shift, Jamf Reset allows a clinician or Locus to easily wipe the device ensuring patient privacy is protected and the iPad is ready for the next patient. Clinicians are easily able to turn an iPad from patient to patient without calling IT or requiring training on provisioning a device.
“This workflow enables not only deployment with ease for the clinician but also for the patient and family. Both groups can remain focused on care of the patient and what is most important – transitioning to home, recovering and caring for their loved one,” said Koshansky.
Learn more about Locus and Jamf for healthcare at home.
Two more things…
TRAINING NEWS: we've released more than 100 videos onto the training catalog. 15 playlists for Jamf Pro, Jamf School, and Jamf Connect. Today, it's available to all customers free of charge: trainingcatalog.jamf.com.
And, as we look back at the last 10 years, Minneapolis has been a great city to host JNUC! Amazing growth from 100 to 2,000 attendees. But it’s no surprise after seeing these numbers that we have literally outgrown the largest spaces in Minneapolis… and, quite frankly, it’s time to move…somewhere…warmer.
I’m excited to announce that JNUC 2020 will be in San Diego!