In episode 7, Victoria got another update from Tom on his ongoing deployment project.
Sharing is caring...about security
At this stage of the project, Tom’s team is getting the shared iOS devices into the hands of employees, which has obvious security implications. If any employee can grab any iPad in the store, how do we ensure that they have the correct access?
Rather than creating an account for each employee on each of these devices, Tom’s team mapped the point-of-sale app on the devices to the organization’s identity provider and essentially stripped away all other features. Now employees can access the POS app they need using the same credentials they would use to log into any other corporate system. This ensures that employees never have admin privileges on the devices or get access to data they don’t need. Considering these devices are used for collecting payments, this approach also ensures regulatory compliance.
macOS Security Compliance Project
One interesting tidbit that Tom offered was the macOS Security Compliance Project (mSCP). This open-source initiative is basically a manual that organizations can follow to ensure that Mac devices comply with the latest security standards and regulations.
The mSCP is loaded with checklists, documentation, scripts, and configuration profiles that organizations can use to enhance their security frameworks. As Tom puts it, “One of the great things about this project is that once you define the baselines or the standards that you want to meet...it will print out all the scripts, all the MDM configuration profiles, and all the guidance that you need to implement these standards and you just upload them to your MDM solution and go.” Following its recommendations can help organizations keep data safe, avoid hefty fines, and make sure they aren’t caught off guard by security threats.
It even generates audit reports, saving a ton of time and effort. “So all those audit documents that every organization loves filling out and spending hours going over with their auditors can be generated in a matter of minutes as opposed to hours or days.”
Anyone interested in evaluating their Mac security and compliance posture would do well to research the mSCP. For even greater insight into whether your environment is ready for Mac, get a free Mac readiness evaluation from SHI by visiting SHI.com/MacAssessment.
