IAM Capability: Mac® System Management

Identity and Access Management Mac Management (pic of macbook pro)

Macs® are more popular than ever with end users as Microsoft®’s hold on the desktop market declines. With the uptick in Mac usage, the challenge for IT organizations becomes how to properly manage them—both from a user and system perspective. Is there an identity and access management (IAM) capability for Mac system management? Well, the answer depends on what solutions you are using for IAM.

Mac® System Management in a (Once) Windows® World

Traditional Domain

Traditionally, systems have been controlled by Microsoft IT management solutions, such as Active Directory® and SCCM. Of course, traditional IT environments were almost entirely Windows®-based; wall-to-wall PCs touting Office, Exchange, and Outlook® were an industry standard. In fact, Microsoft innovated in the identity management space by integrating the concept of Windows system management with directory services. In AD parlance, this was performed by GPOs (Group Policy Objects). While they served as effective tools for Windows shops, GPOs could not be used cross-platform.

As Apple® climbed into popularity in the mid-2000s, many end users began craving Mac laptops and desktops as their system of choice. While much more productive for end users that knew how to use them, IT admins struggled to manage these macOS® systems both from a user and system management perspective.

Developing IAM for Macs

Cloud based identity and access management

Over time, a generation of enterprise-class, Mac system management tools emerged, including Apple Open Directory. These solutions paled in comparison to the overall identity management efficacy of AD, however, so vendors developed add-on solutions called identity bridges to graft Apple systems into AD-based ecosystems.

The challenges with these attempts at Mac system management presented themselves rather quickly to IT admins. The solutions increased costs, introduced another tool to manage and worry about, and further cemented organizations on-prem. While the last challenge may not have been an issue for the last several decades, but now, as more and more organizations make the shift to the cloud, being stuck on-prem is practically akin to being stuck in the past.

Next-Generation IAM Capability: Mac System Management

complete mac user managementAs even more IT resources (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/mac-system-management-iam/

Zach DeMeyer

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

zach-demeyer has 222 posts and counting.See all posts by zach-demeyer