Prevent a Big Surprise: Prepare for macOS Big Sur

Written by Scott Reed on August 21, 2020

Share This Article

All puns aside, the next major macOS® release, macOS 11.0 Big Sur, introduces major changes for device management that IT administrators need to plan and prepare for.

Over the past few years it’s become clear that Apple® is just as focused on end user security and privacy as it is on hardware and software. In Apple’s farm to table strategy towards devices, where it has complete ownership and control over the ecosystem and life cycle of a device, Apple writes the rules in regard to how devices can be remotely managed.

What is Big Sur Changing? 

Prior to macOS Big Sur, the Apple MDM framework was Apple’s recommended method for enforcing the “rules” for device management where other methods, like the profiles command, were supported alternatives.

Starting in macOS Big Sur, Apple has drawn a line in the sand: the MDM protocol is now the sole, de facto method for configuring and managing Apple devices.

The profiles command, which allows for the silent install of configuration profiles from the command line, is deprecated in macOS 11. This leaves MDM as the only method administrators can use to silently deploy configuration profiles to systems.


This is an example of trying to use the profiles command to install a profile in macOS Big Sur beta from the terminal. This returns the message profiles tool no longer supports installs.


In short Apple MDM is no longer an option for macOS device management in 2020 and beyond it is now a hard requirement.

Administrators with devices under JumpCloud®  agent management can quickly prepare for macOS Big Sur by enrolling their existing device in JumpCloud MDM in just a few clicks using the MDM enrollment policy.

What Does Big Sur Mean for JumpCloud?

To leverage JumpCloud macOS policies, which deliver configuration profiles to systems, systems must be enrolled in JumpCloud MDM prior to upgrading to Big Sur.

JumpCloud’s wide system management capabilities extend outside of the Apple MDM framework.

For macOS device identity management capabilities, MDM enrollment is not required and administrators who may be using JumpCloud alongside an alternative MDM vendor can continue to leverage this implementation.

The only caveat relative to Big Sur: If a system is enrolled in an alternative MDM vendor, then JumpCloud Policies will not be able to be enforced in these systems. JumpCloud commands, user management, and the end user Mac App are not reliant on a system being enrolled in JumpCloud MDM.

Why Enroll in JumpCloud MDM?

For IT professionals who are without an Apple MDM, getting one in place before Big Sur releases in the fall needs to be a priority.

JumpCloud’s unique ability to enroll end user systems into MDM without any end user interaction, plus its device management capabilities for Windows® and Linux® alongside macOS, makes the platform a very compelling option for admins to consider if you’re on the hunt for an MDM solution.

The clock is ticking for the release of macOS Big Sur, the new reality for Mac admins. Prevent the Big Surprise by getting an MDM solution in place before it’s too late! 

Try JumpCloud MDM Free

Anyone can try JumpCloud MDM and the entire cloud directory platform by setting up a JumpCloud Free account for up to 10 users and 10 systems. Learn more about preparing for Big Sur with JumpCloud by joining me at JumpCloud Office Hours on Aug. 28.

P.S. — Need to buy some time? JumpCloud offers a macOS Policy that admins can leverage to prevent standard users from upgrading to macOS Big Sur. ?

Scott Reed

Scott Reed is a Product Manager on the Devices team at JumpCloud. Prior to joining the Product team, he led the Solution Architecture team at JumpCloud. In fact, Scott is the original author of the JumpCloud PowerShell module. Scott’s background is in Corporate IT. Outside of work Scott loves to seek out fresh air and adventure with his wife, two young sons, and their black lab Lucy.

Continue Learning with our Newsletter