Gartner IAM Summit recap

Jamf demonstrates security interoperability at the Gartner IAM conference with other industry leaders.

December 19 2024 by

Sam Weiss

Person using an iPad, overlaid with graphics showing identity and access concepts

Identity and Access Management (IAM) is a cornerstone of modern cybersecurity, and a necessary element in any zero-trust initiative, including Jamf’s Trusted Access framework. At its core, IAM is about managing digital identities and controlling access to systems, applications and data. Organizations aiming to bolster their security policies want to ensure that only authorized users on compliant devices can access sensitive resources. To achieve this outcome, access control systems need to incorporate input from a variety of solutions including:

And a host of other security tools that work together to share signals in a true identity-centric zero-trust ecosystem.

Seamlessly integrating all of these technologies — resulting in sharing risk analysis, compliance status and management state in real time — is the goal when implementing zero-trust frameworks. This would let organizations craft their truest vision of zero trust across the broadest set of devices possible, with their choice of policy engine. No device type would be left out of the CISO’s preferred tech stack. Security coverage would increase, employee choice would flourish and all platforms could be treated as first-class citizens by both IT and Security teams.

But achieving this vision hasn’t been straightforward. Why? Because building performant, real-time integrations on a one-off basis with an ever-growing number of security vendors is a monumental challenge. The amount of organizational effort required to work with multiple bespoke APIs can be quite high.

As an industry, how do we address the problem of interoperability? Could Jamf help make Apple devices — already the device of choice for employees — the preferred device for CISOs too?

Jamf has partnered with like-minded organizations and embraced emerging standards that address this problem. Together with leaders like Okta, Cisco, SailPoint, SGNL and others, we’ve adopted the Shared Signals Framework (SSF) and the Continuous Access Evaluation Protocol (CAEP): two complementary standards that unlock interoperability and address our customer’s needs. Let’s dive into what these standards bring to the table.

Shared Signal Framework (SSF)

The first step in building an integration is deciding how two platforms will communicate — essentially, the digital plumbing. SSF is a standard that facilitates real-time sharing between a transmitter (like Jamf) and a receiver (any SSF-capable platform). Think of SSF as the data pipeline powering frameworks that focus on interoperability, such as CAEP.

Continuous Access Evaluation Protocol (CAEP)

The second step is agreeing upon a shared language. CAEP provides standards for sharing session-specific security events (like compliance status or device risk) with third-party systems. This shared dictionary of fields and statuses significantly simplifies integration development.

Jamf has been hard at work integrating these capabilities into our platform. Our aim is to extend the rich device telemetry and enterprise Apple ecosystem we provide into existing security stacks. We recently had the opportunity to showcase our progress.

Gartner IAM sessions

The Gartner IAM Summit is the premier event for insights into the latest strategies and technologies for securing access. The event kicked off with a keynote highlighting IAM trends, models and standards that the industry is championing. Felix Gaehtgens, a VP Analyst at Gartner, shared a list of emerging standards that solve real-world problems for enterprises and their supporting security vendors; at the very top of his list was CAEP, showcasing it as a protocol that is being adopted by vendors and driving outcomes. Gartner and its analysts are leaning into the importance of SSF and CAEP. Gaehtgens said “If you like this — and you should, ask your vendors to support it.” Gartner is providing coverage of the standard and support of the OpenID Foundation to help the industry move to mass adoption.

Flowchart showing how Jamf works with IGA and policy engines to revoke access when a device falls out of compliance.

Attribution: OpenID

Shared Signals interop demonstration

Gartner provided the OpenID Foundation space to facilitate multiple interoperability sessions for attendees and analysts. This was an opportunity to meet vendors that have demonstrated interactions between their platforms, based on the ability to transmit or receive CAEP messages.

Session hosted by Gartner

There were five tables in the room, in which attendees had the opportunity to interact with vendors and see demonstrations of this technology in action. We were excited to hear the positive reception by customers, analysts and other vendors in the space. The level of integration demonstrated between all participating vendors was astounding. The fact that it’s all powered by an open standard gives hopeful promise to a bright future of interoperability between an organization’s vendors of choice.

Group of people gathered around a computer watching a demo

A SGNL representative demonstrating integration between Jamf and their platform.

As the industry-leading provider of Apple management and security solutions, Jamf customers have the deepest insight into device telemetry, compliance status and security events. Through our support of these standards, Jamf aims to make Apple devices the premiere choice of users and security-focused organizations — not just because they’re the best device to get work done on, but because they’re the easiest device to manage and secure within the enterprise.

Tags: