Employees that rely on technology to get their jobs done should never be hindered by that technology. If someone is expected to process a transaction with a handheld device, they shouldn’t need to worry about that device not having a good network connection.
We talked in episode 2 about technology being an enabler, and while that discussion centered around accessibility, it applies to everyone. Every organization should strive to make it as easy as possible for their employees to do their work.
That’s the core of both discussions in this episode of We Got Your Mac.
Make the net work
In our first segment, we get an update from Tom Rice on his ongoing deployment project. At this phase of the project, the team needed to get the customer’s network up and running so that they could test the deployment and configuration of devices.
The goal was a seamless network that would be recognized by any company-owned device regardless of location. In a case where an employee is travelling to different stores or devices need to be moved, there should never be a question of what network to use or how to connect. This is easy to configure using a mobile device management (MDM) solution as they can remotely push these settings to every device.
Everything was going according to plan until the team hit a roadblock; the devices in one of the locations couldn’t connect to Apple’s servers to get the network configuration profile from the MDM.
Fortunately, the team had the right tool for the job: the Mac Evaluation Utility (MEU). The MEU is a tool provided by Apple that gathers information about your IT environment and displays it in an easy-to-read interface. It checks VPN status, whether FileVault is enabled on devices, and can test the network’s connection to Apple’s servers, among other things.
In this instance, the MEU showed that a port required to communicate with Apple’s configuration server was being blocked by the firewall. It turned out that some networking equipment in that location had been restored to default settings, which automatically enabled a firewall that the team wasn’t aware of.
Without this simple tool, there's no telling how long it might have taken to resolve the issue. Now the customer has a network that makes everyone’s life easier.
The Mac Evaluation Utility can be downloaded directly from SHI. Just submit your information for a Mac Readiness Assessment at SHI.com/MacAssessment to get the download link.
Platform SSO
Next, we talked to Steve Weiner, Principal Architect at SHI and recently awarded Microsoft MVP about a very important update to Microsoft Intune: platform single sign-on (SSO).
With platform SSO, Mac users can now log into their devices using their Microsoft Entra ID credentials, essentially moving local device authentication to the cloud. The laundry list of benefits makes this a huge update and a boon for admins charged with managing Macs in Microsoft environments.
Mac users can now use a single set of credentials to log into just about everything: Office 365, SharePoint, Edge, and the Mac itself. This not only reduces the number of passwords users need to remember but also reduces the burden on IT as they no longer need to worry about forgotten local Mac passwords.
Security gets a boost here too. For organizations that require Microsoft Authenticator, the Macs are secured with multi-factor authentication. Once users are logged in, they can use Touch ID (when available) to unlock the Mac, further simplifying the employee experience. The centralization of logging and monitoring of user activities can also help in detecting and responding to security incidents.
Simply secure
By securing their network and configuring company-owned devices to only connect to that network, Tom's retail customer has ensured that users can’t gain unauthorized access to company data. Configuring Macs to use Microsoft Entra ID as the primary login portal adds another layer of security to company-owned devices that may have otherwise been vulnerable due to lazy passwords.
A recurring theme over the last two episodes has been that one of the biggest vulnerabilities in any organization’s security posture is the end user. Whether we’re dealing with stockpiles of workflow screenshots collected by the latest helpful AI tool or malicious phishing websites asking for login credentials, it’s vital that every organization take whatever steps they can to reduce the likelihood of bad actors exploiting end users.
--
Be sure to check out WeGotYourMac.com for more episodes and content on Mac adoption and other end-user computing topics.
This episode of We Got Your Mac is presented in collaboration with SHI’s Mac Readiness Assessment. For a limited time, eligible customers who complete the assessment get a free trial of top-tier MDM solutions like Jamf Pro or Kandji. Visit SHI.com/MacAssessment today to see how SHI can unlock the full potential of your Apple fleet.