Security and privacy concerns are real for organizations. With recent, highly visible security breaches and vulnerabilities, learning how to combat new exploits and potential threats, while still maintaining user privacy, are top priorities for IT leaders.
The resources below provide ways to protect company and user data so IT can mitigate risk and alleviate security concerns — without negatively impacting users.
See how Aquent meets their Apple device security needs and goals.
Apple native security
Put built-in tools to work.
Apple’s iOS and OS X operating systems are built on a secure UNIX foundation, known as one of the most secure platforms in the world. Each Apple operating system comes with built-in security components, including:
Native VPN protocols
The App Store ecosystem for trusted software
Native software patching utilities
You can use the Casper Suite to leverage these native tools and secure your Mac and iPad devices without adding complexity with extra components.
Vulnerabilities, such as Shellshock or Heartbleed, are going to happen. But with the Casper Suite's ability to quickly and easily package the patch from Apple, deploying the fix to users is seamless and noninvasive. You can then receive inventory reports to ensure all devices are updated and secured.
One way to mitigate risk is to encrypt client machines. To help with this, Apple offers an encryption tool called FileVault 2.
What is FileVault 2?
Built-in disk encryption for OS X that encrypts the entire drive using XTS-AES 128 encryption technology.
How does FileVault 2 work?
Creates a pre-boot login partition where the user enters their password and FileVault 2 decrypts the drive and it boots up normally.
How to turn FileVault 2 on?
In the System Preferences, under the Security & Privacy Panel.
With the Casper Suite, you can automate FileVault 2 settings for each device, ensuring they are encrypted — all without touching a device. And because this is a built-in Apple feature, you are not adding unnecessary components that slow down your users.
With many organizations housing sensitive corporate and private data on employees’ devices, one of the simplest ways to uphold security standards is to require passcodes. The Casper Suite gives you the ability to require a simple or complex password and require password rotation.
Compliance and security reporting
Reduce risk and streamline audits.
With Mac and iOS devices out of compliance posing substantial risks for organizations, keeping devices in compliance is no longer an option. It’s a requirement.
The Casper Suite allows you to monitor the status of your security protocols using inventory data and lets you set policies to automatically correct lapses in security or notify IT of non-compliance. This can be especially crucial for organizations that must meet HIPAA security standards for Mac.
You can also create custom security reports for your organization or use the built-in templates to generate reports to demonstrate compliance with security standards. This provides organizations the confidence needed to gladly hand over their compliance reports during an audit.
The JSS allows us to simply click that button, set up a code, and lock that machine down. We don't have to worry about our data being obtained in any way, shape, or form.
The JAMF Software Server (JSS) can run on OS X, Windows, or a Linux server. For security measures, the JSS can limit access to the server by restricting who can log in and provide granular control over what those who have access can see and do.
To simplify server setup, we offer customers the ability to host their JSS in the cloud. To see what’s included and how this benefits organizations, visit our JAMF Cloud page.
If you'd like assistance securing your JSS, contact the security experts on our Professional Services team.
Integrate 3rd party tools
Add the security components you desire.
For a complete ecosystem of security, some organizations need to go beyond managing encryption and passcodes, and add a single sign-on or antivirus tool.
The Casper Suite allow you to take a wide range of third-party tools, such as CrashPlan or Sophos, and seamlessly integrate them with your infrastructure and with one another. Package and deploy these tools to users, instead of forcing individuals to download on their own without IT's support or knowledge.
We engage with third-party consultants to go through a more thorough code-assisted penetration testing. JAMF also tests the security of its software against mock third-party hackers even before launching new software.
Jason Van Zanten
JAMF Software Information Security Lead
JAMF Software internal security
An IT staff just like yours.
Regardless the size of the organization, IT staffs are inherently similar. They need to secure devices, keep accurate inventory, and deploy the right software to the right devices.
So how do we do that at JAMF Software? Take a stroll through our internal security page to see our security overview and the five most common questions our employees have for IT.
Ready to try the Casper Suite?
With automated security settings, compliance reporting, and third-party integration, you can ensure your Mac and iOS devices are protected.