Securing Apple devices in Education: Peeling back the layers

Learn how the education cybersecurity threat landscape has evolved and why the most secure solution is to build layered protection.

September 27 2023 by

Laurie Mona

Securing Apple Device in Education: Peeling back the Layers

If your educational institution believes you’re not as susceptible to cyberattacks as the business world, think again.

In the JNUC session, Securing Apple Devices in Education: Peeling Back the Layers, presenter Anthony Darlow, Consulting Engineer at Jamf, discusses the reality of today’s threat landscape in education and the importance of building a layered cybersecurity for schools solution.

Security landscape in education

Darlow revealed that in 2022, universities were the third-most attacked institution, after the healthcare and finance industries.

As more school services move to the cloud and with increasing time spent online, schools are evermore susceptible to online threats. And as these attacks become more sophisticated, they’re becoming harder for IT professionals to spot, never mind children. Cybersecurity for students should literally work at the most basic levels.

The process of implementing cybersecurity in education needs to both address the unique concerns of both students and staff, and secure devices in a way that doesn’t get in the way of teaching and learning.

Layers of protection: the foundation

When schools use Apple devices, they can take advantage of the native security built into Apple operating systems. Apple offers multiple security features available right out of the box — if you know how to turn them on and use them.

Examples include:

  • FileVault disk encryption
  • Firewall protection
  • User account passwords

When paired with a mobile device management (MDM) solution like Jamf, you can ensure that these features offered by Apple are enforced on school devices.

To help manage and secure devices in education we have Jamf School, our education-first, Apple-best solution to help keep users and devices safe. You can consider managing a device the essential foundational layer of device security.

With MDM you can enforce settings and configurations such as:

  • FileVault
  • Password or passcode policies
  • Declarative Device Management
  • Touch ID/Face ID
  • And much more!

Using Jamf School as your MDM allows you to harden the security features built into macOS.

Building on Apple’s technology: endpoint security

While all users can enjoy the full suite of Apple threat intelligence and security technology with every device, why stop there?

On the most basic level, Macs do come equipped with security tools to help protect users. Apple offers a layer of endpoint protection with Gatekeeper, which works to prevent the launch or execution of malware, and XProtect, which helps identify and block malware should it appear on the device.

But users can ignore or bypass the security prompts, with admins having no insight into what’s happened on user devices.

To go a step beyond these tools, Jamf Protect is a modern endpoint security and malware protection solution built specifically for macOS.

Jamf Protect looks for Mac-specific threats and malware while working directly with the framework offered by the Apple operating system. For the end user, there’s minimal impact on everyday usage. It simply keeps the users safe without the technology getting in the way.

Jamf Protect also can collect and analyze data on devices and sift out suspicious and malicious behaviors. Admins are alerted to malicious actions of applications, scripts and users via the Jamf Protect Console and can take actions based on the behavior.

The Jamf Threat Labs team also maintains an Apple-specific threat intelligence database to prevent known malware from running on the device.

Final layer of defense: setting boundaries

The final layer of defense schools should consider is Jamf Safe Internet. This security tool has two focuses: content filtering and web-based threat detection.

Content filtering: Keep students from accessing inappropriate content with features including:

  • DNA over HTTPS technology
  • Category blocking
  • Google Safe Search enforcement

Web-based threat protection: Protect against outside threats including:

  • Web-based malware traffic
  • Spam
  • Phishing

Education solution: layered security

By implementing a layered solution of Jamf School as your MDM, Jamf Protect for endpoint security, and Jamf Safe Internet for web-based protection, your school can provide a full on-device and web-based stack to keep teachers and students safe wherever they are.

Check out the full session for a deeper dive into each security issue and discussion of the solutions.

Register for JNUC to access this session as well as others on demand.

Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.