Help

3 iMac's Stolen - Trace / Wipe / Other options?

michael_ferguso
New Contributor

Posted on ‎09-29-2014 11:13 AM

We had 3 machines (imacs) stolen this weekend. 1 big problem is our JSS isn't visible to the outside. We do, however, have Apple Push Notifications enabled.

I was wondering if remote lock/remote wipe/configuration profiles can be ran still in our scenario. I assume our issued remote command goes to the APN and then whenever the machine has an active connection and will be pushed from APN directly, not needing direct connection to our JSS?

The Officers involved would like to see if any location information or anything can be found prior to sending out a wipe command, but if not to try and wipe the machines in case there was any sensitive data on them. Is there any config profile or anything that can be hacked together, or should I just go for a wipe?

Thanks!!

0 Kudos
8 REPLIES 8

dpertschi
Valued Contributor

Posted on ‎09-29-2014 11:22 AM

My understanding of the communication triangle is that your JSS tells APN's to tell the target machine to check in with the JSS. When your target machine checks in, the JSS instructs the Mac what to do.

So if your Mac's can't talk to your JSS from outside the company network, they won't get the commands.

0 Kudos

michael_ferguso
New Contributor

Posted on ‎09-29-2014 11:27 AM

Ah, that makes sense it would work that way!

0 Kudos

bentoms
Release Candidate Programs Tester

Posted on ‎09-29-2014 11:27 AM

My understanding is inline with dpertsch.

I'd try & get a second clustered JSS installed in your DMZ, then if the clients haven't been wiped, you will be able to get their IP & rudimentary location info.

There is further you can then go, if needed.

0 Kudos

michael_ferguso
New Contributor

Posted on ‎09-29-2014 11:29 AM

Great idea bentoms. We'll see at what lengths they want us to go for these machines :)

0 Kudos

bentoms
Release Candidate Programs Tester

Posted on ‎09-29-2014 11:32 AM

@michael.ferguson, I'd also advise you watch: http://youtu.be/VKozKDhADJ0

0 Kudos

stevewood
Honored Contributor II
Honored Contributor II

Posted on ‎09-29-2014 11:52 AM

I would echo what @bentoms said, and that is to get a second JSS stood up in the DMZ. You might want to also read through this JAMF Nation thread:

https://jamfnation.jamfsoftware.com/discussion.html?id=7328#respond

Ryan Colley has used some open source software and shell scripts to grab screen grabs and pics from the iSight camera.

0 Kudos

michael_ferguso
New Contributor

Posted on ‎09-29-2014 01:24 PM

Thanks all, taking these tips to management!

0 Kudos

Bray
New Contributor

Posted on ‎09-29-2014 05:58 PM

It's a shame you're not based in New Zealand - this is a good piece of software developed by the clever guys over at the university of Waikato, and has helped a lot of NZ Schools get their machines back...http://kaitiakisoftware.com/

Might be worth getting in contact with those guys anyway?

0 Kudos