macOS Ventura is here and Jamf is ready for same-day support! Upgrade when you're ready, manage and secure your Mac with powerful new workflows, and unleash the power of macOS Ventura and iPadOS 16.
Apple announced the release of macOS Ventura and iPadOS 16 today, and we are proud to once again bring same-day support. This blog focuses on macOS Ventura. To learn more about iPadOS 16, visit our blog on that release.
As Apple evolves, Jamf is evolving how we enable organizations to succeed with Apple’s new operating systems. Today, same-day support means delivering compatibility for Apple’s releases on the day they are available. This compatibility includes endpoint security to ensure your users can upgrade freely, without the risk of compromising organizational security. That promise remains critical, and we are adding to it a commitment to accelerate the adoption of Apple’s most critical workflows and extend the power of Apple-specific technology with purpose-built solutions that enable unique industry-specific workflows.
In other words: Whether your organization needs compatibility with macOS Ventura or the ability to enable users to take advantage of powerful new features like Declarative Device Management, Jamf helps support, embrace and extend Apple’s features and workflows for your industry.
Organizations are always looking for ways to improve management processes, increase security protocols, and enhance the end user experience. With the release of macOS Ventura, Apple has once again helped organizations do exactly that. This blog will highlight key features and how they may impact you and your organization.
Upgrade to macOS Ventura when you are ready
While a new Operating System is exciting, we understand admins may want to delay upgrading to test critical apps or infrastructure before rolling out new operating systems. macOS Managed Software Updates allows admins to do just that, and is now available for M2 Macs. This allows a major release (like Ventura) to be deferred up to 90 days, while important security updates and minor macOS versions are still available for users to install.
Become more proactive in your management approach
Apple continues to improve its Mobile Device Management (MDM) protocol for macOS devices with Declarative Device Management, expanding upon the already existing support for iOS and iPadOS devices. Declarative Device Management sends MDM from its historically reactive management approach to a proactive management approach. Individual devices can now act more autonomously and proactively within the confines of policies from their management server.
With Declarative Device Management, a device will discover its own state changes and take action based on defined criteria, rather than waiting to hear back from the management server. This lessens the strain on the management server, provides more accurate and timely device information, and policies can be applied faster to better maintain its desired device state.
Deploy security updates faster
Rapid Security Response for macOS Ventura introduces a new mechanism to ship security fixes to users more frequently in order to improve endpoint protection and ensure devices and data remain protected from vulnerabilities. New configuration keys were also introduced at WWDC 2022, to allow this mechanism to be disabled by an organization or disallow users from “rolling back” and uninstalling a Rapid Security Response update. Jamf Pro 10.42 includes support for these keys in the Restrictions payload, giving admins the ability to manage Rapid Security Response settings on computers and devices.
This will bring peace of mind to Security and IT teams that can now know important security updates are getting to users faster, thus tightening protocols across their organization.
Easier logins with added security
Users now have a faster, more secure way to access company resources. This is done through Platform Single Sign-On Extension.
The Platform Single Sign-On Extension (PSSOe) builds on the SSOe configuration profile by tying the local user account on a Mac to the Single Sign-On application. From the macOS login window, the user is allowed to use their cloud identity provider (IdP) password to unlock that Mac. Once the user enters their credentials at the Mac login window, the PSSOe app will either update the local account password for the user or use a token stored in the secure element of the Mac to authenticate the user locally. After the user has successfully logged in, the local account password is kept in sync with the cloud identity password, meaning users can access any resources gated by the IdP and the SSOe app without additional password prompts.
PSSOe is an exciting enhancement built into the macOS framework but in order for the benefits to be realized, a local user account must first be created on the Mac. That’s where Jamf Connect comes in. Jamf Connect can create the first user account — or any additional user accounts needed - and can enforce linking that local account to the identity provider credentials. From there, the PSSOe can attach itself to the local user account and seamlessly log users into their organization’s IdP-gated tools and resources. Jamf Pro is ready with the necessary payloads whenever cloud identity providers support Platform Single Sign-On.
Jamf is prepared with same-day support for macOS Ventura today. Whether you want to make the new operating system available to your team today or delay OS upgrades to take time to test and validate, Jamf has your back.
Learn more about upgrading to macOS Ventura
Have market trends, Apple updates and Jamf news delivered directly to your inbox.