Skip to main content

Seven ways to ruin your Mac deployment

Posted in: Casper Suite, Jamf Pro

Are you finally kicking off that Mac management project that’s been on your list for years? If so, make sure to avoid these seven common pitfalls:

1. Manage the Mac like an iPad

Many products on the market offer Mac “management” as an add-on to their Mobile Device Management (MDM) tools. But in practice, there are many times when a more complete toolkit is required for maintaining a fleet of Macs. One example? MDM tools lack the imaging workflow capabilities for scalable Mac deployment.

2. Manage the Mac like a Windows PC

Another common blunder is trying to manage Macs with a tool that’s built for Windows. The platforms are different enough that it’s nearly impossible to manage both well from a single tool. Many vendors offer a “cross-platform” solution, but none deliver a great experience.

3. Lock down everything

Nothing turns users against organizations and IT faster than an overzealous security policy. While it’s vitally important to maintain good security posture; it can’t be at the expense of usability.

4. Ignore Apple’s update schedule

Apple releases a new major version of OS X every year, typically in the fall. Consumers are familiar with upgrading their Macs at home and they will expect an update in the workplace as well. IT admins can join Apple’s beta program to test the new OS before public release to help identify and remediate any potential issues.

5. Rely on third-party Full Disk Encryption tools

Every Mac comes with enterprise-grade, whole disk encryption capabilities built in to OS X. With a management tool like the Casper Suite, you can enforce encryption and escrow recovery keys from a central console. Because it’s built into OS X, upgrades are painless and system performance is not impacted.

6. Block the App Store

Apple offers a great service to customers and software developers alike by promoting and distributing apps via the App Store. With the Volume Purchase Program (VPP), organizations can take advantage of this distribution channel while still maintaining central purchasing and licensing controls. Barring exceptional circumstances, there’s no reason not to embrace the App Store.

7. Segregate the Mac infrastructure

OS X ships with a native Active Directory (AD) plug-in, connects to Microsoft Exchange with the native Mail client, and supports all standard networking, printing, and file share protocols. Today, there’s no reason to segregate the Mac environment. Go ahead, bind the Macs to AD, connect all your network shares, and bring them into the fold.

Boost your entire organization’s productivity by avoiding potential landmines during Mac deployments. The Casper Suite, among other things, can help simplify and automate the process so your users are up and running in no time.