Modern identity management alongside mobile device management (MDM)

To help admins wrap their arms around Apple identity and begin to take steps towards implementing an identity strategy, let’s take a look at three core identity technologies – directory services, cloud-based single sign-on and Jamf Connect.

March 27 2020 by

Kaylee Carlson

Modern IT management has many layers and admins are seeing a new demand for Apple management that considers technology outside the world of just MDM. While a mobile device management (MDM) solution used to be table stakes, today’s IT admins know that Apple management is evolving. Apple adoption continues to grow and with that comes the opportunity, and the need, to build an identity strategy that works in tandem with existing MDM workflows — providing secure and customized access for end users.

To help admins wrap their arms around Apple identity and begin to take steps towards implementing an identity strategy, let’s take a look at three core identity technologies – directory services, cloud-based single sign-on and Jamf Connect. Some of these technologies have existed for years while others — like cloud-based single sign-on — are now gaining more widespread adoption. Whether your organization is using none or all three of these technologies, we hope to provide a high-level view of these key components for implementing a successful identity strategy.

Core identity technologies

Directory services are often called an organization’s “source of truth” and act as a centralized record of employee information, like name and department. Binding to an on-premises Active Directory is fast fading while many organizations have either moved to or have plans to move to a cloud-based directory service like Microsoft Azure.

Directory services can often be leveraged when integrating with management platforms like Jamf Pro to better customize devices for end users. One of the biggest – and often most immediate – benefits an admin enjoys when pairing a directory with MDM is the ability to take advantage of all the historical data in that directory in new ways. Jamf Pro can take targeted action based on end-user information like a name or department affiliation.

Directories are also an essential source of information for admins wanting to automate some of their management tasks. With Jamf Pro and a directory service working side-by-side, you can take advantage of our patented Smart Groups to quickly set parameters for your fleet before you kick back and let Jamf do the heavy lifting. For example, Smart Groups can help deliver curated apps to a targeted group of employees based on directory information or ensure that a specific department is running the latest — and most secure — version of an operating system, even if they are working remotely.

As organizations move to a cloud-based directory service, they can also build on the information from that directory service by using cloud-based single sign-on, to ensure end users use secure credentials every time they access company resources. Without the use of cloud SSO, users would have to enter their username and password every time they want to access apps or resources, hampering the user experience and also leading to more forgotten passwords and trips to IT, slowing down productivity. With cloud SSO, users can enjoy a better experience by authenticating once and gaining access to cloud-based applications such as Microsoft Outlook and Slack to keep their day moving along with ease.

Jamf Connect streamlines Mac authentication and identity management by giving users the power to leverage a single cloud identity to gain immediate access to all of the resources they need to be productive. Jamf Connect allows IT admins to ensure accounts are properly provisioned and that local Mac account credentials stay in lockstep with the credentials stored in the cloud identity directory. This can be hugely beneficial to admins acting as a guardrail to keep credentials in order across an entire Mac environment and also ensures company devices and information are safe and protected without the challenges of binding to on-premises Active Directory which is necessary in today’s mobile workforce.

A trifecta of identity tools

Now that we’ve looked at what identity tools are available to you; you might be asking yourself “Where are we in the identity lifecycle?” While some teams have already adopted a full identity technology stack, many are still growing and looking to adopt more tools to evolve how they manage identity.

Take a look at our infographic to get a better sense of how your organization stacks up. This tool is designed to show how admins can fully adopt this stack to unlock new functionality and more advanced workflows. When you’re ready, request a trial of Jamf Connect and Jamf Pro, and put the identity stack and workflows to the test.

Learn about identity management

Get Started with Jamf today!

Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.