By Greg Keller Posted March 11, 2015
In the second installment of our series on how IT admins can better manage their Mac devices, we will discuss common problems that need to be solved with Mac devices.
IT administrators have three major problems with their Mac devices: controlling access to the device, managing the device, and ensuring a secure platform. Many organizations already have robust solutions in place for their Windows devices. IT admins are looking for that same level of depth with their Macs and they’d like all of those management capabilities, for all devices, in one central admin platform.
The Three Major Issues with Mac Management:
Controlling access with Macs is not easy. While the systems can be connected to AD or the open protocol, LDAP, there are serious limitations including how to provide for more secure access with multi-factor authentication. In scenarios where AD or LDAP do not exist, there’s no control over access unless it’s manually managed. Many organizations have opted for the unmanaged approach with Macs. They often will be able to connect to the corporate wireless network, but then won’t authenticate to a central directory or domain controller. Users will have to manually login to each service needed. IT admins must manually provision and deprovision Mac users on each device and application.
As with any other type of desktop or laptop, Macs can have issues, can require patching, and can they fail. IT admins have many easy-to-use tools to help manage Windows devices, but Macs require expensive enterprise-class software. IT managers are looking to control such items with device locking, remote wipe, disk encryption, software installation, password length and rotation, and numerous others features. Admins are looking for the ability to remotely manage the device through a central management tool.
Unmanaged Macs represent serious security risks to an organization. While they’re touted to be more secure with fewer viruses and trojans, unmanaged Macs cause risk with data leaving the organization. With many of today’s developers having full development environments on their Macs with source code (often with full “Administrator” level access on the device), a terminated employee could still have full source code access to an organization’s applications. It is misleading for IT admins to believe that because the macOS platform appears as more secure that the organization is secure. Users, as most IT admins know, are often the weak link in security.
Macs pose a number of significant challenges to the enterprise. IT admins knows this and often struggle with the best way to solve these issues. In part 3 of our series, we’ll explore the different options that IT organizations have to control and manage their Mac fleet. You can also view a recent webinar that talks about how to manage Macs in the Cloud-forward Enterprise, shown below.
This blog post is part of a four part series. The 4 topics can be found below:
- Mac Management Part 1: History of Macs in the Workplace
- Mac Management Part 2: Issues with Mac Management
- Mac Management Part 3: Traditional Mac Management Solutions
- Mac Management Part 4: DaaS Manages Macs