Apple® Worldwide Developer Conference (WWDC) 2019 has come and gone, and with it came the introduction of the next iteration of macOS®: 10.15, also called Catalina™. While the new OS version brings some updates to look and feel, it has also raised several questions. In this blog, we will ask what are Apple notarization and MDM application allow/deny, and what do they mean to managing Mac® ecosystems? Let’s dive in, and answer those questions.
What are They?
Recently, Apple’s App Store has been receiving flak regarding applications that have been breaching users’ privacy or otherwise affecting user systems with malware or other nasty bugs. To do protect users, they introduced Gatekeeper™ in macOS 10.5, Leopard. Gatekeeper is a technology designed by Apple to safeguard macOS users from unnotarized and potentially malicious applications.
Notarization essentially means that Apple will examine an application to verify that it does not contain any malicious components. As a part of Catalina, Apple has declared that they will tighten their notarization requirements for applications that can be used to affect Mac systems and devices.
MDM Application Allow/Deny
While Apple has clearly shown that they are moving towards a more restricted and ultimately more secure path for managing applications on macOS systems, notarization isn’t always a viable option for certain applications. For example, applications built in-house may not be a viable candidate for the notarization process with Apple so now what?
With the enhanced levels of control provided via the Mobile Device Management (MDM) Protocol, there’s another way. The MDM Protocol provides admins with many more options and tools to manage their fleet of systems than would otherwise be available. For example, the MDM protocol provides admins with the ability to allow certain applications to ensure that they are able to run properly on the system without getting blocked by Gatekeeper. This MDM app allow/deny route ensures that applications are able to continue running properly in Catalina without requiring the application to become notarized.
So, What Does It All Mean?
Notarization and app allow/deny are more or less a gateway for non-Apple software to be used for Mac management. In their recent Catalina reveal, Apple has declared that MDMs are to become the main tool to be used to manage macOS and iOS devices.
JumpCloud has been the leading user management system for Macs and is already hard at work preparing to support the release of Catalina. The JumpCloud Product team is constantly working to provide deeper and enhanced capabilities to manage macOS systems, but also Windows and Linux along with connecting users to applications, storage solutions, and networks as well. In short, JumpCloud’s Directory-as-a-Service® is reimagining directory services for the modern era of IT. The good news is that this approach has made JumpCloud a standard in Mac management with over 75,000 organizations using the platform.
If you would like to learn more about notarization, application management, or macOS Catalina in general, feel free to contact us. We would be happy to share our information on the topic with you.
Not a JumpCloud Customer?
You might have already heard of JumpCloud, but if you haven’t, let us be the first to introduce you to JumpCloud Directory-as-a-Service. JumpCloud is the first cloud directory service, enabling IT admins to manage users and their access to systems, networks, applications, infrastructure and more from a single cloud admin console.
You can try JumpCloud absolutely free, with no credit card required. Your JumpCloud account comes with ten complimentary users, available forever, as well as full reign of the product.