Lock Down Your Device – Mac OS X MFA

Written by Rajat Bhargava on July 18, 2016

Share This Article

There has been this interesting movement over the last few years where pundits and analysts proclaim the death of the computer.

Basically, the thought process is that the cloud is doing away with the smart computer. It will be replaced with a ‘dumb terminal’ that just needs to connect with to the Internet. Chromebooks are in this vein and so was the Oracle thin client computer from the 2000s.

The problem with this theory is that it hasn’t held up. In fact, people are buying more computers, smartphones, and tablets than ever. The issue is actually a different one.

The Real Device Trend at Play

Device Management

The more pressing question for enterprise is this: how you can lock down your devices and enable users to leverage the cloud from anywhere?

Laptops are no longer behind the firewall – they are utilized everywhere from home, coffee shops, on the road, and elsewhere. These machines are subject to the open Internet and are touching more websites than ever before. That means more chances for a breach.

The device management game has undergone major changes as the shift to WiFi and the cloud has introduced new security risks and rewards.

While there are a number of ways that organizations should protect their Mac, Windows, and Linux machines including anti-malware software and full disk encryption, we are going to focus on one area for the popular Mac OS X platform: multi-factor authentication or MFA / 2FA in short.

MFA for Devices

Multi-factor auth means that there is a second item that the user is required to enter when logging into the device. So, when you log into your Mac laptop or desktop machine, you’ll enter your username, password, and then a token generated by your smartphone.

This is a significant level up of the security of the device. If a device is lost or stolen, the hacker would not be able to crack the password and log in. They would also need your phone. This makes life a lot more difficult for would-be hackers and improves enterprise security exponentially.

MFA is a Critical Security Feature

As we know, our laptops and desktops aren’t thin client computers. They have sensitive data on them. Even with organizations and users leveraging the cloud, source code is developed on machines, customer lists are saved on the computer, and employee data is manipulated in Excel on a Mac.

Maybe some day the prognosticators will be proven right and most computers will be ‘dumb terminals’ that leverage IaaS. But that hasn’t happened yet and it won’t happen for years into the future. The reality is that the device matters a great deal and locking it down it critical.

Mac MFA is one of the strongest methods to secure a person’s device.

Multi-Factor Authentication for Mac OS X


Okay so how do you manage your Macs in the enterprise and implement MFA on all Macbooks and iMacs?

Mac MFA capabilities are provided as a part of JumpCloud’s Directory-as-a-Service® platform.

JumpCloud’s cloud-based directory service is a central user management system that helps IT admins connect user identities to the IT resources they need including systems, applications, and networks. As a part of our systems user and device management capabilities, JumpCloud offers Mac 2FA capabilities.

If you would like to learn more about how you can lock down your Mac devices through MFA, we have a step-by-step guide in our knowledge base on how to enable MFA for Mac OS X.

If you want to get your hands on JumpCloud’s innovative Directory-as-a-Service, you can give it a try. It’s easy to get started and your first 10 users are free forever.

Rajat Bhargava

Rajat Bhargava is an entrepreneur, investor, author, and CEO and co-founder of JumpCloud. An MIT graduate with over two decades of high-tech experience, Rajat is a ten-time entrepreneur with six exits including two IPOs and four trade sales.

Continue Learning with our Newsletter