With the new macOS®, Catalina™, on the horizon, IT admins can’t help but wonder what changes the new operating system (OS) will bring with respect to identity management. As Mac® admins know, controlling user access to Mac systems has never been easy. Not only that, but Apple® isn’t totally forthcoming about what will change in their new OS versions, which has resulted in some anxiety in regard to macOS Catalina identity management.
Over the past several releases, this anxiety has only been heightened by features like Secure Token, for example, which complicated the IT admin’s ability to centrally manage and enable FileVault® encryption remotely. Of course, Mac admins have come to expect nothing less than dramatic changes from Apple in their updates (which lead to big innovations too!), which is why a strong macOS-focused identity provider (IdP) is critical to managing a fleet of Mac machines in modern environments.
Why Do You Need a macOS IdP?
The broader macOS identity management challenges have existed for a long time now. In a historical sense, IT networks have primarily been based on the Windows® OS from Microsoft®. As such, admins generally leveraged Active Directory® (AD), another Microsoft product, as their core IdP.
Active Directory works well to manage Windows users and their access to Windows-based IT resources. Unfortunately, the same cannot be said for non-Windows users leveraging non-Windows-based IT resources. Specifically, with respect to macOS, admins cannot manage nor optimize Mac users and systems at the same level as their Windows counterparts in pure AD environments.
While it is possible to authenticate user access on macOS with AD credentials, the Microsoft platform falls short in that it is unable to remotely manage user provisioning, modifications, and deletions for macOS users and systems from a centralized location. This process has only been complicated over the years with the introduction of new functionalities such as Secure Token.
Secure Token Brief
In short, this Apple concept was intended to level up security for Mac users by building a (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/macos-catalina-identity-management/