By Greg Keller Posted March 12, 2015
This blog post is part of a four part series. The 4 topics can be found below:
- Mac Management Part 1: History of Macs in the Workplace
- Mac Management Part 2: Issues with Mac Management
- Mac Management Part 3: Traditional Mac Management Solutions
- Mac Management Part 4: DaaS Manages Macs
Macs have become a core part of organizations. The challenge for IT is being able integrate them into the infrastructure and gain the control and management capabilities they need. In our previous posts, we discussed why and how Macs emerged as a major platform. We also discussed the environmental challenges of introducing Macs. In our second post in the series, we discussed the specific challenges that IT admins are looking to solve for their Mac users and devices.
In this third installment of our series on how to manage Macs, we’ll explore the traditional options that organizations have to solve the problem of Mac management and control. Historically, there have been three solutions: no management, manual management, and enterprise software solutions. Each of these is described in more detail below.
Some organizations allow Macs on the network but don’t manage them at all. This is common for start-ups ramping up their employee base and in “bring your own device” (BYOD) contexts. User access is not controlled, security is not managed, and the users are largely on their own from a desktop support perspective. Or, in some cases, IT admins will help where they can, but they don’t have the tools to remotely execute tasks or manage the device. This is the most common scenario in smaller organizations, or organizations where there isn’t Active Directory or LDAP.
Admins who have security concerns or that are connecting to AD/LDAP may choose to set up and manage the Mac devices manually. There may be a standard Mac “build” with admin accounts created on the device. This enables IT admins to control users and support with issues. But it is not scale-able. Similar to the no management scenario, the device may not be connected to a central directory for authentication. If it is, the authentication capabilities are rudimentary and often difficult to set up.
Enterprise-Class On-Premise Solution
Larger enterprises may have enterprise-class administration tools including those with identity access control. These solutions often have an agent on the Mac device that helps with access control and management. The server software is housed on-premises and is used to manage the entire desktop infrastructure. However, this scenario becomes a challenge as the organization decides to move to Google Apps (now known as G Suite)/Gmail or starts to shift their infrastructure to the cloud.
Moving Beyond Traditional Solutions
For modern, innovative organizations, none of these approaches will suffice. Their IT admins need an infrastructure that is agile, scalable, and resilient. Increasingly they are turning to cloud-based solutions, where they have both the availability to let their users bring whatever devices they want, and take security controls seriously in an era where theft of identities can lead to access to a company’s crown jewels.
In our final post in the series, we’ll discuss the approach that modern organizations are taking with Mac management. You can also learn more in a recent webinar, Managing Macs in the Cloud-forward Enterprise, found below.