Simplifying the Management of Cross-OS IT Environments

Many IT environments across organizations include a variety of operating systems such as macOS^®, Windows^®, and Linux^®.

Prior to the emergence of centralized, cross-platform MDM solutions, IT administrators dealing with such a diverse environment were challenged managing devices and users across each operating system. Each OS has its own separate ecosystem of applications, programming languages and methods of establishing policies/configurations, and they weren’t known for meshing well together.

In particular, Mac and Linux machines have always been in a completely separate silo compared to Windows. Microsoft Active Directory did not fully manage them without the need for third party add-on solutions.

For instance, in the past, to enforce the Mac equivalent of Group Policy Objects (GPOs), you had to leverage a third party Mac management solution, which was yet another on-prem, enterprise server-based solution. This is just one example of how the management of cross-OS environments doesn’t work using a siloed approach compared to thinking about it and managing it in a holistic way.

Attempting to manage cross-OS devices separately is an outdated, time-consuming, and difficult approach that’s no longer worth it now that viable alternatives exist, especially with the staying-power of fully remote and hybrid workplace environments.

When it comes down to it, user identities are at the center of everything, so implementing an all-inclusive cloud directory solution that offers cross-OS device and user management can solve numerous problems for organizations that want to move away from on-prem infrastructure and tedious, manual tasks.

JumpCloud’s Comprehensive Solution

After realizing that this siloed approach was not sustainable or productive for IT admins, JumpCloud stepped in and created such a holistic cloud directory solution that allows for just that — centralized management of cross-OS IT environments.

This provides benefits like centralized and simplified identity management (a combination of user and device management), security configurations, SSO and user lifecycle management, event logging and reporting, and API automation, among other things. 

This comprehensive solution removes the need for multiple point solutions and the need to think about each OS separately — IT admins can easily and efficiently manage macOS, Linux, and Windows devices from the same control pane using the JumpCloud Directory Platform. No matter what your cross-OS IT environment looks like, you can apply policies, control and secure users and their associated devices, and run remote commands using the features built into the platform.

To dig deeper into this new way of thinking about unified device management, it’s important to first understand why previous point solutions should be left in the past. Though there might be different methodology involved in the setup and maintenance of cross-OS IT environments, having a centralized platform where you can view and manage everything creates a huge user-experience improvement for IT teams.

Centralization allows overarching strategies to be applied and managed across devices that use different operating systems, eliminating the need to spend substantially more time dealing with each OS separately. The increased visibility that a centralized platform provides is paramount when making decisions and changes within your IT environment.

A few topics we want to dive into are how JumpCloud’s cloud directory platform allows IT admins that manage cross-OS IT environments to maintain clear, organized inventory of apps and software, ensure security and compliance are up-to-speed, apply and manage policies, and configure settings such as screen lock timeout all from the JumpCloud Console. Comparing this to the archaic, siloed method used in the past shows us how far we’ve come and why this approach is impractical.

Software Installation

Without a centralized cross-OS user and device management solution, there are a plethora of challenges that IT admins face. There is no single point of visibility into what’s happening across the entire fleet of cross-OS devices, making it incredibly difficult to support applications and software across the environment as a whole, keep accurate inventory of the apps you have installed, and have a clear idea of what’s installed where.

Using the outdated siloed approach to install software on a Mac device, you have to have remote access to it in order to run the DMG or PKG files or have a tool such as Munki setup, which involves a lot of background work and approving applications for rollout.

To install software on Linux devices, you have to use Secure Shell (SSH) to perform maintenance on the machine or select it from the repository, which means you need access to the device, whether that’s physical or remote. To install software on Windows devices, you can roll it out using GPOs and scripts, but that would only work if the machine is located in the office or can access the corporate network via a VPN. 

Now, to install software using JumpCloud’s centralized approach, you have several options — all of which can be viewed and managed from one place. For Windows, you can use the built-in software management which is based on Chocolatey, an open-source package manager for Windows. 

To manage software on JumpCloud MDM-enrolled macOS devices, you can remotely add and assign Volume Purchase Plan (VPP) apps from Apple Business Manager as well as preconfigured custom app packages to devices or device groups for added efficiency. The preconfigured custom app packages can be developed by you or a third-party to meet your organization’s specific needs, and the installation is streamlined and facilitated by JumpCloud MDM. You can also opt to use commands in the JumpCloud Console to download software to macOS machines.

For Linux devices, you can use commands and scripts to roll out and install new software. JumpCloud’s command feature is like having a permanent SSH session to the device that you can leverage to install applications. Though the methodology for installing and managing software across different operating systems is still different, being able to deal with everything in one place is a massive time and headache-saver.

Encryption Management

Managing encryption in a cross-OS environment without a centralized solution in place forces IT admins to keep track of countless pieces of software and deal with numerous separate vendors that focus solely on one OS and offer absolutely no support for others. This leaves little time for anything else when your IT team is sifting through a bunch of vendors and software trying to figure out what’s going on across each system, and this is a problem.

To manage encryption using the old siloed method, you need a bunch of different software. AD can manage BitLocker keys, but macOS and Linux machines need something else. For Macs, you might have used a third-party MDM provider to install an MDM profile and manage the encryption, but for Linux, it’s a much more manual process that involves storing the recovery key or writing it down if you’re doing an encrypted install. This is substantially more work than it needs to be, especially when you have the option to manage it within a centralized platform. The ability to handle all of these workflows and tasks in one place is more than ideal for IT teams that already have a lot on their plates.

Luckily, using JumpCloud’s centralized solution, managing cross-OS encryption is an absolute breeze. You go into the JumpCloud Console, select ‘Configuration Policies’ and find the BitLocker or FileVault policy. Linux is an entirely different beast and has many different solutions for disk encryption, but using JumpCloud’s Commands Module, you may be able to manage those solutions remotely. 

Policy Management

In the pre-JumpCloud era, system and device management by enabling and disabling features was a tedious and manual process. For example, if you want to disable a guest user account and change the login screen behavior, you have to take various steps across each operating system to do so. For Windows, you can do this via a ‘Group Policy’. For macOS, you will have to add some ‘Group Policy’ add-ons or have a macOS server on the network. For Linux, you can join it to the domain, but you will end up resorting to editing configuration files yourself or, again, looking at a third-party software solution to manage the policies. Dealing with policy management across each OS separately is unnecessary and cumbersome. The ability to enjoy a bird’s eye view of your total policy landscape dramatically improves the way policies are managed across your entire organization.

In the post-JumpCloud era, you can manage almost every aspect of your Mac or Windows environment in one place, including policies — all from the JumpCloud Console — from login windows to desktop wallpapers to disabling the use of USB storage. When it comes to Linux, JumpCloud has policy options available, but the focus here is more on providing the ability to push commands to Linux machines, allowing virtually anything to be done.

Firewall Controls

The siloed approach to something like firewall control results in a lot of manual implementation across each device; whereas, a centralized approach allows you to manage your firewalls across each OS from one platform and avoid wasting resources on tedious tasks. Using this difficult approach, Windows Firewall can be managed by a GPO and Active Directory; however, macOS and Linux devices are not so lucky. It comes down to either manual management or a third-party MDM service for macOS and manual configuration for Linux.

However, using JumpCloud’s holistic platform, you can control the firewalls for both macOS and Windows using the ‘Configuration Policies’, which include enabling stealth mode for Mac and Windows devices and prohibiting or allowing different network types to be utilized. The majority of Linux management is done by executing commands in the JumpCloud Console via Bash scripting. Although this is still an unavoidable manual process, the ability to manage your firewalls on top of everything else in your cross-OS IT environment in a single place is far superior to the old fragmented approach.

A Solution That Does the Work for You

Whether your biggest issue with your current cross-OS IT environment is software installation, encryption, policy management, firewall control, identity management, or something else, JumpCloud provides a simplified and reliable solution. Using JumpCloud to manage macOS, Windows, and Linux devices is drastically more efficient compared to using GPOs or a variety of third-party services and add-ons. This is especially relevant in the current climate where a lot of organizations are taking advantage of fully remote and hybrid work environments, and on-prem infrastructure and point-solution vendors are no longer needed or wanted.

To free yourself from the confines of trying to manage each OS and device in your environment separately, try JumpCloud for free, including all of its premium functionality. Your first ten users and ten devices are free while you test the platform out to see if it’s right for your specific environment. If you need any help getting started, you’ll also receive ten days of 24×7 premium in-app chat support.