Microsoft and Jamf, a Minneapolis-based Apple device management specialist, want to make it easier for mutual customers to get their hardware fleets under control.
The two companies have announced the integration of Microsoft's cloud-based Enterprise Mobility + Security (EMS) suite and Jamf Pro Mac, which enables Mac users to adhere to an organization's application and data access policies. The new functionality is available in Jamf Pro 10.1, which is available now. Microsoft updated its EMS product to accommodate the new functionality as well.
Conditional access is one of the key features in the Microsoft EMS suite, which enables enterprise IT departments to protect business applications and networks against unauthorized and potentially unsafe attempts to obtain sensitive data. It allows administrators to set limits on which persons and devices can access their IT resources based on a variety of parameters.
For example, a business can place location-based restrictions on a user's ability to access company data, preventing them from fetching files or launching business applications from untrusted IP addresses. Similarly, businesses can block rooted or jailbroken smartphones.
Rooted or jailbroken devices are generally hacked or modified in a way that removes many of the network access restrictions placed on them by their manufacturers, allowing users to install unauthorized applications and tweak the mobile operating system in a manner that a device maker never intended.
On Macs, the feature will allow Microsoft EMS customers to harness the power of the software giant's cloud to put up a strong defense in a dangerous cybersecurity landscape, according to Brad Anderson, corporate vice president of Microsoft's Enterprise Client and Mobility division, and Dean Hager, CEO of Jamf.
"Given the increasing sophistication of the attacks and the speed at which these attacks are designed to spread, organizations require solutions that put the power of intelligent clouds working on their behalf 24x7 to assist them in protecting the organization," wrote the executives in a jointly-authored blog post.
"Conditional access provides the ability to IT to have policies enforced in real-time based upon the intelligence in the Microsoft Cloud. With this partnership, Jamf is continually feeding the rich data on Macs from Jamf Pro into the Microsoft Cloud —strengthening the ability of the Microsoft Cloud to protect access to company data from Macs."
Microsoft EMS and Jamf Pro Mac customers can now sync Intune, the mobile device and app management component within EMS, with their Mac inventory data. This capability allows administrators to consolidate their reporting in mixed-device environments, said Anderson and Hager.
Infused with that Mac inventory data, administrators can now extend their conditional access policies to Macs based on a user's identity and the security intelligence gathered by Microsoft EMS to provide or block access to protected resources.
Finally, if something is amiss, users can use familiar tools to address the issue. When the system encounters a non-compliant device or other security issue, it will guide users to Jamf's self-service remediation experience.
More information about the Microsoft EMS-Jamf integration is available here.