Portnox and Jamf: Working together against BYOD anarchy


The coming BYOD storm

I remember it like it was yesterday — June 30th, 2007, I trotted into work proudly holding the very first iPhone (4GB!). I was the first person in my small company to get one, having waited in line for six hours the previous day in the hot Texas sun at my local AT&T store. I predicted the line would be shorter there because it was outside, versus the Apple Store which was in the mall — because after all, who would be crazy enough to willingly sit in the Texas sun? I was right, but man...it was hot. After showing it off to my co-workers, I went to our two-person IT department and asked them to give me the Wi-Fi password. They said no. I asked if they would just type it in for me, and reluctantly they took my phone and entered it in.

Android was released later that year, and as smartphones became ubiquitous, that two-person IT department was quickly overwhelmed and put their collective foot down — no more coming to them for Wi-Fi access. No new smartphones on the corporate network. Unfortunately for them, one of the existing smartphone users was able to decrypt the password and handed it out freely — and then it was network anarchy. Phones, personal laptops— one support rep even brought in a PlayStation 3.

If only MDM had existed...

BYOD (Bring Your Own Device) has come a long, long way since then, and now users have the expectation that they will be able to join the Wi-Fi network at work, even if it’s just a guest network. More and more, people have come to rely on their corporate network connections on their smartphones and tablets. As illustrated above, users are persistent: if you give out a blanket “no” it becomes their mission to find a workaround. My guess is that you probably have better things to do than track down rogue devices all day.

The explosion in remote work further complicates the matter. Companies are incentivized to let staff access network resources from anywhere on just about anything. It just makes operational sense. So a much better, less stressful strategy is to implement a BYOD policy that gives you some control over the devices people are using to get on the network while still letting the user choose what devices to use.

Enter MDM, or Mobile Device Management — something I’m sure our beleaguered two-person IT team would have welcomed all those years ago. MDM makes corralling all those BYOD devices (tablets, phones, laptops, etc.) and safely allowing them onto the network a breeze.

Some key features of a good MDM include:

• Ensuring devices are configured to adhere to a standard set of supported applications, functions, and/or policies

• Maintaining a minimum OS version

• Location tracking

• Remote troubleshooting

Apple, Jamf and Portnox: covering all the bases

As the gold standard for managing Apple devices, Jamf goes beyond your standard MDM. The Jamf platform offers solutions including:

• Zero-touch deployment
• Customized App Store
• Behavior detection
• Threat hunting
• Same-day Apple OS support for every macOS, iOS, iPadOS and tvOS release

Jamf has dedicated solutions for every need - business, education, healthcare and more. Whether you have a few iPhones or an army of iUsers, Jamf has a solution that can help you keep your mobile users happy and your network safe. And not to brag, but we think one of the best things about Jamf is that it seamlessly integrates with Portnox’s cloud-native zero trust access control platform to bring your network security to a whole new level.

If you’re using certificate-based authentication (and you should be) you can use Jamf to deploy your certificate to all your devices, which makes certificate enrollment approximately 10,000% easier (that’s an exact figure.) You can also use Jamf to deploy AgentP, which extends your Portnox NAC-as-a-Service capabilities to enable risk posture assessment of all connected Apple devices, as well as automated remediation of any Apple devices that fall out of compliance.

Anarchy, controlled

The multitude of devices that exist to connect to a network can overwhelm even the most stalwart IT team. Combining Jamf and Portnox NAC-as-a-Service keeps everyone happy — and most importantly, your network safe and secure.