By Zach DeMeyer Posted May 2, 2019
Despite the meteoric rise of Apple® Mac® usage in the enterprise, IT admins are still struggling to manage MacBooks®. It’s a pain point common across organizations large and small, with very few solutions available to address the need. But, why is managing MacBooks so difficult?
Traditional System Management
From the early days of modern IT, system management has been carried out by Microsoft® platforms, like Active Directory® (AD) and SCCM. Of course, given that the average IT system environment was almost exclusively Windows® OS-based, it only made sense to use a management platform designed specifically for Windows.
At the time, the MacBook (or more appropriately the Mac) was barely even a blip on the radar. Apple was fighting to become a true contender in the business space, and realized that in order to do so, they needed their own version of system management.
Apple Open Directory
Their response to the AD/SCCM powerhouse was Open Directory. With Open Directory, admins could more tightly control their Mac environments. As the platform developed, Open Directory’s aura of influence spread to select non-Apple resources as well, through the integration of Kerberos and OpenLDAP™.
Unfortunately, Apple’s eye shifted from the enterprise to the consumer, foregoing development of Open Directory but leading to developments in tech like the iPhone, and eventually, their next generation laptop offering, the MacBook. Left with no way to effectively manage Macs and their users, IT admins faced a bigger challenge: managing a changing IT landscape with cloud infrastructure, web applications, and mobile devices.
Managing Laptop Systems en Masse
The laptop has revolutionized the way employees’ work can be carried out. Unlike the immobile desktop, the laptop enables a freedom of location for workers, whether in the office on-prem, or remotely around the world. Pair the mobility of the laptop with the range of WiFi, and end users can carry out their work almost anywhere.
Of course, while this was a great boon for the prospect of remote work, the laptop presented a major hurdle for IT admins. Not only did they have to manage systems like the MacBook, which did not graft well into AD environments, but on top of that, IT admins needed to find a way to extend authorization from their traditional on-prem tools to mobile systems. Quite the pickle indeed.
Modern MacBook Management
Half of a Bigger Picture
Realizing the apparent drawbacks of managing MacBooks, among other laptops, with an AD setup, some vendors decided to pounce on the vacuum that was created. There are several solutions on the market that can be used to manage MacBooks and other Apple systems. These include, most predominantly, mobile device managers (MDMs).
MDMs are an effective tool for IT admins to control the Mac systems, including MacBooks and iPhones, being leveraged by their end users. But, while they are useful in that regard, MDMs and other similar solutions cannot manage the identity of the end user with a MacBook, a major part in the full picture that is managing MacBooks or other Mac devices.
Identity Management: The Cornerstone of IT
In this day and age, the identity is the cornerstone of security, and the system acts as the gateway for said identity to utilize the various resources that employees need to do their jobs. In the Microsoft-centric environments of old, AD and SCCM could do so without question, but modern identity management is another story.
As IT organizations started to branch out and leverage non-Windows-based and cloud solutions such as Mac and Linux, AWS®, G Suite™, Samba file servers, WiFi access points, and more, the modern IT network became significantly harder to manage and maintain. Add to that security threats, mobile users, and web applications, and it is no wonder that IT organizations are struggling to manage their IT infrastructure, MacBooks or not.
Manage MacBooks and More from the Cloud
The good news is that there is a next generation approach to IT systems and user management available from JumpCloud®. The Directory-as-a-Service® platform tightly manages and connects users to virtually all their IT resources including their Apple macOS-based systems.
Among the critical capabilities of managing Mac systems with Directory-as-a-Service is the ability to control user identities, enable and manage FileVault® and two-factor authentication (2FA) to the system, and much more. Add on top of that the ability to manage application and network access through LDAP, SAML, and RADIUS, and you have a more complete picture of MacBook management.
Try JumpCloud Free
You can manage MacBooks with JumpCloud for up to ten users absolutely free. Simply sign up for JumpCloud to get started, no credit card needed, and see what Directory-as-a-Service can do for you. Please contact us if you have any questions.