JumpCloud’s Zero Day macOS Big Sur Support Gives Admins Options & Advantages

Written by Leia Schultz on November 12, 2020

Share This Article

Ready or not: macOS® Big Sur is here! While the much-anticipated OS release introduces quite a few changes, the most significant one for Mac® administrators is that Apple®’s MDM protocol is now the only way to manage Mac devices running Big Sur and later versions. 

If it inspires feelings of panic, it’s justified: Unless you enroll end user devices running Big Sur into an Apple MDM, you’ll lose the ability to do essential tasks that we’ll cover in this blog. You can ease your worries by enrolling in JumpCloud MDM today in minutes, and get your questions answered by JumpCloud’s MDM lead when you sign up now to join Office Hours on Friday, November 13th.

Don’t Lose Control Over Macs Running Big Sur 

Mac admins should have total control over how Big Sur and any OS update are introduced at their organization. But there are certain changes with macOS Big Sur that will have an impact on device management and security that an MDM solution may or may not be able to assist with.

If your end user Mac computers are not enrolled in an Apple MDM, then you’ll lose control over things like being able to silently deliver and install configuration profiles on devices. JumpCloud’s MDM-powered policies are how admins deploy configuration profiles to Mac computers running Big Sur and following versions, without end user interaction, for critical Mac controls like:

  • Lock Screen: The end user’s screen saver will lock after the amount of seconds specified, and a password will be required to unlock the screen saver. 
  • FileVault: Remotely enforce FileVault on macOS devices and easily view Recovery Keys in your JumpCloud Admin Portal. FileVault full-disk encryption (FileVault 2) helps prevent unauthorized access to the information on your user’s startup disks.
  • Disable USB: Prevent mounting of external storage devices, including USB and SD flash devices.

Only with MDM can you also customize your Mac computer controls with the JumpCloud MDM Custom Configuration Profile Policy, which lets you upload and distribute MDM configuration profiles (.mobilconfig files) to enrolled devices, to deliver payloads for certificates, kernel extensions, privacy preferences, WiFi, and more. Learn more about configuration settings in our MDM simulation.

Enrolling in JumpCloud MDM also enables you to choose when macOS Big Sur is introduced at your organization. 

And coming soon: JumpCloud is building a new policy that will give you the ability to get around Big Sur’s perilous change to device screen sharing and recording. Out-of-the-box macOS Big Sur computers by default will not let non-admin users permit an application like Zoom or Google Meeting to share or record their screen; devices that upgrade to BigSur maintain existing screen sharing permissions. If you’re an admin, you can expect a surge of help tickets when end users encounter this. Or, you can avoid that hassle with this soon-to-be-released policy for enrolled devices.

Don’t Let Big Sur Macs Go Unguarded

Whether you’re on a large IT team or a team of one, you need to be able to rapidly secure end user Macs in the event they’re stolen or misplaced. If Big Sur Macs aren’t enrolled in JumpCloud MDM, you will lose your ability to protect the sensitive corporate data devices may contain.

JumpCloud MDM’s point-and-click security commands enable admins to restart, shut down, lock, or even wipe Macs remotely, so you have supervision over device security at scale and wherever employees work. 

How Can You Enroll in JumpCloud MDM?

Hopefully this is the question you’re asking if you’ve read this far.

There’s a JumpCloud policy to easily enroll one or many Mac computers into JumpCloud MDM, so you can begin to manage and secure all the Macs at your organization. It really is that simple to implement. 

What about the end user experience? With JumpCloud’s device-native Mac Application, managed end users follow a simple workflow to remotely enroll in JumpCloud MDM and make their devices available to receive configurations and security commands.

Try Before You Buy 

Need the ability to remotely secure and configure Mac computers, from wherever you’re working to anywhere the devices are? Naturally. All of this Mac management alongside Windows® and Linux®, too? That’s right!

There’s no shortage of MDM services to choose from, but not all MDMs enable admins to achieve what you can do with JumpCloud MDM. With JumpCloud’s directory platform, you can conquer more tasks with a single solution.

But before you buy, try it out: Set up a JumpCloud Free account and unlock access to the full platform to evaluate with up to 10 users and 10 devices. Plus, you’ll get free premium chat support with technical experts for your first 10 days of use.

Leia Schultz

Leia is a product marketing manager at JumpCloud who focuses on the insights and device management products in the Directory Platform. A native Boulderite, she can be found frequenting local breweries, OZO coffee shops, and hot sauce suppliers, and enjoys seasonal outdoor activities like camping, biking, and skiing (which are all better when partnered with beer, coffee, and hot sauce).

Continue Learning with our Newsletter