Blocking MacOS Updates: Monterey Edition

Written by Pam Lefkowitz on September 29, 2021

Share This Article

Protecting Your Users From Themselves

It’s that time of the year. At least in the northern hemisphere, the days are growing shorter, the leaves are changing, the temperatures are dropping, and a new version of the macOS is about to drop (that’s worldwide!). 

I know this can be exciting for many, but for IT Administrators this can spell disaster as users/customers get squirrely about installing the pretty new things. They want the latest and greatest. They want to wear their “I was first” badge. Real artists ship. New is best. All that nonsense that can get in the way of being productive.

For folks who are consultants, this can actually mean a boost in income as clients install the OS and things break. If the consultant has been running the beta versions, they’re already familiar with the new environment. But, if they haven’t been installing and testing the developer versions of the OS, they will be unprepared for problems that arise – and they always do. Clients will be paying their consultant to learn the new OS. It’s an easy (albeit ethically-questionable) opportunity to gather up some funds for holiday gifts, right?

For internal IT Admins, end users who install a new OS on their own can spell disaster for the company. Security concerns, apps that aren’t {NewOS}-ready, general confusion as some functions move or are deprecated all become the problem of the company’s IT staff. Their time shifts away from projects and security to putting out fires, downgrading systems (where that’s even possible), calling software developers to find out when their apps will be ready for the new OS, and other emergency tasks.

But, for those IT Administrators/MSPs/Proactive Consultants who use mobility management tools, well, they are working normal hours, taking lunch, and sleeping well at night. Their job stress is at its usual level because they have the tools to control these events. These admins know that with a couple of clicks, they can secure the company computers and keep them falling into a nightmarish situation. They will use the feature built into their Directory Service to block access to the OS upgrade. They will continue to #BeTheHero in their organization and with their clients by making sure that upgrades don’t happen until all the supporting systems are in place, until all the apps are ready for a new OS, and until they’ve had enough time to test the new OS in a variety of situations and configurations. 


A word of caution – not all mobility management tools or Directory Services are created equal. JumpCloud makes this easy. Check your products out now. Right now. Do not wait. Be sure you can check the box to block Monterey and block Windows 11. Check out this new feature in JumpCloud, protect your workforce, and watch how (remote) work gets done.


How to Block MacOS 12 Monterey Using JumpCloud Policies

How to Block MacOS 12 Monterey Using JumpCloud Policies
  1. Navigate to Policy Management windows in your JumpCloud console.
  2. Click the + icon to create a new Policy.
  3. Navigate to the Mac tab.
  4. Search for the term Monterey (the list of available policies with automatically begin to filter as you type).
  5. Click the Configure button next to the policy titled “Block macOS Monterey Installation”.
How to Block MacOS 12 Monterey Using JumpCloud Policies
  1. After reading through the policy details, select the Device Groups tab and check the box next to each group to which this policy applies.
  2. Click Save.
How to Block MacOS 12 Monterey Using JumpCloud Policies
  1. Read through the Configuration Associations screen to be sure you have accounted for the correct group assignments; click Save to implement the policy.

NOTE: This policy takes effect on the next logout/login cycle or the next restart. If needed, you  can use the Security Commands to force restart a computer to complete the policy implementation.

Continue Learning with our Newsletter