Jamf updates Jamf Protect to 3.6.0.727
The release of Jamf Protect Agent 3.6.0.727 brings 2 notable new features – Protect Telemetry, and Protect Offline Deployment.
PROTECT TELEMETRY:
Telemetry log data sends device activity feeds to a security information and event management (SIEM) solution and security teams via the Jamf Protect agent. This helps Jamf Protect administrators and information security specialists proactively monitor and detect threats on macOS computers in their environments. This brings much of the data stream feature set from Compliance Reporter into Protect for all of our customers!
Note: We are enabling telemetry for customers over the course of this week and hope to have all the tenants updated to have telemetry by the end of the week.
Telemetry Documentation: https://docs.jamf.com/jamf-protect/documentation/Telemetry.html
PROTECT OFFLINE DEPLOYMENT:
Offline Deployment Mode is a separate implementation of Jamf Protect that secures devices without connecting or sending data to the Jamf Protect Cloud. Instead of interfacing with the Jamf Protect Cloud, Telemetry logs are written to the local disk or a customer-defined network location. This is especially important for our customers in high compliance environments, where connecting to Jamf Protect Cloud is not an option.Offline Deployment Mode lets you configure settings, obtain installer packages, and download configuration profiles for deployment via an MDM solution.
Offline Deployment Documentation: https://docs.jamf.com/jamf-protect/offline-deployment/index.html
There is also one notable fix in this release, where the extension remained in a connecting
status.
Release Notes: https://docs.jamf.com/jamf-protect/documentation/2022_Release_History.html
Jamf Protect is the only built for purpose enterprise security tool for Apple.
Total cost of ownership: Mac versus PC in the enterprise
During a virtual event in 2021, Microsoft announced its flagship operating system, Windows, to the world. Simultaneously, they also announced that non-enterprise support for its predecessor, Windows 10, would cease support on October 14, 2025.
And while its end-of-life (EOL) period is still a ways off, users that have yet to upgrade are urged to take a long, hard look at the updated requirements to run Windows 11, as the more aggressive criteria may require expensive hardware upgrades or perhaps even a new computer altogether.
Bearing this in mind alongside the growing adoption rates of Apple computers for work, school and personal use, users would do well to know what options are available to them before reaching EOL support on their current device — this includes migrating their personal and professional workflows to Apple.
Mac has risen in popularity with consumers and users to the point where businesses are not only forced to take notice but to react by investigating the potential benefits, cost savings and results of offering their employees Apple devices. This trend, made possible by the consumerization of IT, has younger, tech-savvy workers demanding to use the hardware they use at home in the workplace — Apple.
“I’ve said it before,” says, IBM’s CIO, Fletcher Previn “when did it become OK to live like the Jetsons at home but the Flintstones at work?”
We don’t believe it is.
When contemplating offering Mac to your workforce, the question of cost inevitably becomes a central focus.
“Macs are great, but I can buy two PCs for the same price as one Mac,” is a common mentality within IT departments. However, when looking beyond the initial cost of the device and comparing the TCO associated with providing:
- basic services
- application licenses
- device management
- endpoint security
- support requests
- hardware repairs
the outcome (surprising to some) favors Mac over PC. In this blog, we examine the numbers and put the Mac versus PC in the enterprise myths to bed.
Employee satisfaction and productivity
In 2019, Previn presented at JNUC for the third time and offered first-of-its-kind research that showed how Mac enables employees to be more productive and successful, along with striking improvements to job satisfaction and employee retention.
With tools in their hands that employees want to use, IBM’s research showed 22% more macOS users exceeded expectations in their performance reviews compared to their Windows-using coworkers and responded with a 47.5 net promoter score versus Windows user’s 15 net promoter score. In addition to a higher net promoter score, IBM’s Mac users were 17% less likely to leave IBM, showcasing the gap in levels of employee satisfaction and productivity.
“72% of employees choose Macs over PCs” — Global Study: Employee Choice and its Impact on the Future of Work, Jamf
Device preference is great, but employees need to feel like their devices have all the tools and software for them to perform at a high level. Mac users showed they were happier with the third-party software available within IBM resulting in, well, better results. Only 5% of macOS users ask for additional software, compared to 11% of Windows users and this fulfillment was leading to astounding results. One stat showcased that high-value sales deals tended to be 16% larger for macOS users, compared to Windows users.
To add to these benefits, Previn noted that within IBM, seven engineers support 200,000 macOS devices versus the 20 engineers required to support 200,000 Windows devices. That is a 186% increase in support engineering needed for Windows devices.
These stats may be on the softer side of Apple’s benefits, but it shows that companies have the ability to arm their team with devices that make them more productive and satisfied, less likely to leave and require less overall support. All of this was achieved while bringing in more money for the company and costing less.
Supporting IBM’s findings, “most professionals prefer MacBook over other laptops”, according to Haddayr Copely-Woods, Jamf. As participants in employee choice programs found that “74% of those who previously used a PC for work experienced fewer technical problems with their Mac than with their previous PC.”
Numbers to support Mac users
To uncover key drivers of Mac adoption in the enterprise, Vanson Bourne, a global third-party market research firm conducted a study of Mac users who work for organizations that offer Mac as a choice, on why they choose and use Mac at work. Here’s a brief summary of the findings:
- 97% say Mac increases their productivity
- 95% say Mac increases their creativity
- 94% say Mac increases self-sufficiency
- 79% say they could not do their job as effectively without Mac
- 70% say they experienced two or fewer issues on their Mac in the last 12 months (resulting in fewer IT help tickets)
When users are more satisfied and productive, the entire organization benefits.
Download the report to learn more.
Now back to the matter at hand, if the upfront cost for Apple devices is more how can the total cost of ownership be less? Let’s examine the findings from IBM.
Base Services
Every computer on an enterprise network needs a set of basic services. In particular, power and internet must be available. That cost is essentially the same for both platforms. While many organizations used to require binding a computer to directory services, with the most popular being Microsoft Active Directory, the modern computing landscape has changed in recent years. With a shift toward remote and hybrid work environments, organizations have migrated to cloud-based identity providers (IdP) to leverage the ease of management and security benefits to centralizing credential provisioning— solutions like Jamf Connect enable all the benefits of managing access permissions without the headache of binding.
Beyond power and a license for your IdP or legacy directory service, you will also need to license other services required by your users to do their jobs. This is often a mail account, possibly cloud storage, access to a chat service, expense system, collaboration tools and more. The majority of these services have moved to the cloud and simply require modern web browser access. Since they are cloud-based, they work the same way for Mac as they do for PC, and vendors charge the same price regardless of platform.
Next, users need access to software. Mac comes with most applications a user needs right out of the box: Safari web browser, Mail, Calendar, Contacts — all with Exchange support — and productivity apps like Keynote, Pages and Numbers. However, not everyone is comfortable with Apple’s built-in apps so most organizations choose to deploy Microsoft Office, which runs natively for macOS. Since introducing Office 365 a few years back, Microsoft has standardized the cost of Office on all platforms.
Finally, in addition to the software required for all users, organizations need to consider distribution points for deploying software to their users. Distribution points can be in the form of cloud storage or local servers running a standard file share. While this could be the same cost for Macs and PCs, it is important to note that your MDM solution may (or may not) offer support for hosting and deploying packages hosted from a cloud-based distribution point. For services like Jamf Pro, this is included at no additional cost beyond the licensing cost per device.
Hardware
Macs can cost more than PCs. MacBook laptops from Apple start at $999 and go up from there depending on needs. Apple’s strategy for Mac has always been to build computers with high-end, modern specs that are designed to last a long time. PCs, on the other hand, can range wildly in price because vendors will offer lower-end specs utilizing outdated technology for price-conscious buyers. Because of this, some PCs come in at half the cost of Mac.
It can be tempting to stop the conversation here and simply say “our organization can’t afford Mac.” However, a deeper study of all the essential software required for security and deployments demonstrates how the uptick in cost for Mac is something of a mirage.
While cost is certainly important, knowing what technology you’re getting for your money is equally crucial when diving deeper into the question of hardware. Furthermore, how the hardware functions in relation to the rest of the system are not only critical but also impacts:
- device performance
- user experience
- resource efficiency
- endpoint security
- capability/functionality
For example, most PCs are based on Intel-based processors, which handle the processing tasks, as well as define how resources like memory, graphic and network communication tasks are handled by the system. Though they work in tandem to process work-related tasks, on a PC each subsystem is typically developed by a different vendor, meaning there are limits to the level of integration achievable when sourcing components across a variety of vendors. Where Apple is concerned, the M1 and M2 families — for both desktop and mobile devices — all are created by Apple. This means that each component achieves an unrivaled deep level of integration, resulting in a Mac that is lighter, faster and more capable than its PC rival.
Not just that, but the impact of M1/M2 chip-enabled Mac on resources and performance in the enterprise was the subject of a Total Economic Impact Study by Forrester Consulting. The result? Return on Investment (ROI) is real!
Among the findings, some key takeaways that are highlighted by Kathryn Joy, Jamf are:
- Mac saves enterprise organizations $843 on an average three-year lifecycle
- Mac directly impacts IT efficiency, saving $12.4 million in IT support costs within the same three-year period
- Risk of data breaches on an enterprise device is 50% less per M1 Mac deployed
- Employee retention was measured to be 20% higher and productivity 5% greater than non-Mac users
Essential Software
All Macs include a copy of macOS free of cost. Apple only builds one version of its desktop operating system, so there are no discrepancies in features and users gain a consistent experience. macOS supports accessing shared resources on the local network or cloud-based, ships with full volume encryption (called FileVault) and even protects against malware(utilizing XProtect and Malware Removal Too) as soon as the device is turned on — including support for security and productivity features as a standard.
On the contrary, Windows 11 (in line with prior versions), requires enterprise organizations to either add these features via third-party software, purchase the “Pro” version, or both. Microsoft sells Windows 11 Pro for $199. The Pro version is required to join a PC to your domain and to get full disk encryption (called BitLocker). Additionally, most organizations add endpoint security software on top of Windows to protect against malware and viruses that have and continue to plague PCs.
Finally, organizations need a method to deploy computers to new employees. Just like encryption and malware protection, Apple offers a no-cost solution that is built into macOS — known as Apple Business Manager. This program allows organizations to deploy Macs (and iOS-based devices) and have them flagged as corporate-owned. When that device boots up for the first time, it checks the serial number with Apple’s database and forces enrollment of a corporate-owned device to the Mobile Device Management solution of your choice. From there, the MDM deploys device configurations, installs applications and enforces security settings. This is a tremendous time and cost savings over traditional monolithic imaging practices that require constant updating to remain current and negatively impact network bandwidth during deployments of any size.
Management
A management system is essential for both Mac and PC in an enterprise environment. A proper desktop management system allows IT departments to deploy new devices, configure settings remotely, deploy and update software, gather extensive inventory and ensure security. Microsoft offers Microsoft Intune to manage Windows endpoints. This is the most popular cloud-based enterprise management tool for Windows, adding MDM capabilities and pairing it with the Group Policy analytics to fully manage Windows — both mobile endpoints and those managed on-premises.
Once again, Apple is different. Apple builds a management framework (which acts as a blueprint, detailing what MDM solutions can and cannot manage) into its operating systems. Jamf — the industry leader in enterprise management of Apple devices — fully supports and leverages this framework, plus additional software installed to remotely manage Macs. Jamf provides same-day support for new macOS releases, including Apple’s latest security-only updates as part of the new Rapid Security Responses that keep your Apple fleet protected against the latest threats. Organizations can leverage Apple deployment programs and security tools to enjoy a complete ecosystem of Mac management capabilities.
Organizations can even create a custom app catalog with Jamf Self Service and enable users to install curated apps and settings on their Macs that are IT-approved. Users are notified when new tools and content become available, empowering them to be as productive as possible regardless of which Apple device they’re using or where they’re physically located.
Support
By the time we reach the final stack of the total cost of ownership model, you can clearly see that Macs are already less expensive. Beyond basic services, hardware and software, and management tools, you also need to support your users. Support staff and help desk resources will always vary based on organizational demands. It has been anecdotally reported for a long time that Mac users require less support than their PC counterparts. While no one specific component or feature lies at the crux of this belief, the numerous features that go into making Apple’s unique user experience, as highlighted by Edward Mendelson, a writer for PC Magazine, also help it stand in a league of its own when it comes to usability, simplicity and performance — after all, they didn’t earn the tagline “it just works”, on the hardware’s good looks alone.
Recently, IBM — who have deployed nearly 200,000 Macs — have provided concrete data to support this claim. IBM reports that PC users drive twice the number of support calls versus Mac users. Plus, out of those tickets that are opened, only 5% of Mac users end up requiring an in-person visit. PC boasts a troublesome 27% of tickets that require IT visits. Additionally, IBM only staffs a fraction of IT staff (7 administrators) to manage 200,000 Macs compared to the number who are required (20 administrators) to manage an identical number of Windows devices. While these stats are for the largest Mac deployment in the enterprise, the trend applies to smaller organizations who add Macs to their environment.
In a similar tale, David Gerwitz, Sr. Contributing Editor at ZDNet, recalls the support and upgrade cadence he established for his small business using Windows-based computers resulting in an average of high-end machines requiring replacement after 18 months while lower-end machines used minimally were replaced every three to four years. Until he switched to Apple, specifically, a combination of iMac for high-end work and Mac mini for lower-end work. While he goes into greater detail, including cost breakdowns and timelines, suffice it to say that the iMac lasted five years as his primary device (and then another three years after that as a powerful, secondary computer) and the Mac mini averaged over eight years of use without having to purchase costly upgrades, extensive repairs of devices or buy an entirely new device just because a new update was released.
Let’s recap those staggering findings
While Mac hardware alone is initially more expensive than PCs, there are many more factors to consider when deploying computers beyond the cost to procure the hardware. Thanks to most core services moving to the cloud and becoming cross platform, the cost is now a wash between Mac and PC.
Any organization serious about managing and securing Windows will need to add additional software and tools to the cost of their “cheap” PC, as opposed to having those features built into the operating system with Mac. Finally, when you add on the cost of management tools and support, the total cost of ownership gap can be huge for organizations of any size. In fact, IBM found they saved between $273 – $543 per Mac they deployed compared to PCs.
As you can see, the debate is over when it comes to the actual cost of computers in yourenvironment.
If you’re ready to start taking Mac seriously and save big dollars in the process while empowering your users with both performance and the much-vaunted Apple user experience, please contact us. Still on the fence? Learn more about the benefits of migrating to Apple and discover why employees value them now more than ever — and why your organisation should, too.
Let Jamf + Apple enrich your computing landscape while saving you time and money
What is Jamf School?
Jamf’s mobile device management (MDM) school solution means that teachers and IT professionals receive an MDM for education powerhouse for running today’s modern classroom with the best learning technology available, Apple for schools.
Jamf School’s intuitive web-based interface simplifies deploying, conducting inventory and securing Apple devices — while offering teacher workflows and other classroom management assistance.
What Jamf School can do for you
- Simplify classroom management with drag-and-drop functionality
- Show you all device information on one dashboard
- Give automatic access to subject-specific materials for students
- Track damaged devices
- Tackle multiple locations with ease
- Cache content that will be used by multiple students to avoid internet slowdowns
In addition to our purpose-built MDM solution for school, Jamf School also comes with three powerful education apps:
Jamf School Teacher
Combined with Apple Classroom, the Jamf School Teacher app empowers educators to develop learning and teaching opportunities using iPad in the classroom. Giving management tools to limit app and web access, restrict functionality and create lessons to reduce teacher workload
Jamf School Student
This powerful app empowers students to set up their own devices, communicate with teachers, store documents in their personal iCloud drives — and more.
Jamf School Parent
This app supports parents and home use with devices. This app allows parents to restrict usage for specific times throughout the day. They can also receive a notification when a child gets to school or arrives at home.
Secure Apple in Schools
The final piece of the puzzle: security and privacy for education users. Jamf School’s integration with Jamf Safe Internet supports student safety through content filtering and network threat intervention.
Ready to empower teachers, students, parents and IT professionals with an intuitive purpose-built MDM school solution?
Ready to manage and secure your school?
What to do if (when) a security vulnerability happens
No matter how diligent you are in keeping your software updated, devices in compliance or networks locked down, you’re going to experience a security vulnerability. Take the 2017 macOS High Sierra root access issue as an example. Four things were reinforced:
- No operating system is immune to security challenges
- Operating system and/or software providers must be quick to address security vulnerabilities and issue updates
- Device management, and specifically patch management, are no longer simply nice-to-haves
- Community forums, such as Jamf Nation and Slack, provide instant and valuable insight into how to resolve issues
The High Sierra security vulnerability allowed a user or attacker to gain access to a Mac with default settings sans a password, provided the attacker had physical access to the device. This issue also allowed standard users who were already logged into a device to gain elevated privileges in System Preferences, access via a script, and most importantly at the Login Window.
Within 24 hours, Apple released a security update for High Sierra (HT208315), and went on to push the update to all applicable computers, automatically updating devices.
In this case, Apple provided a rapid 24-hour response—but this won’t always be possible depending on the vulnerability’s complexity and location of your system. Organizations can take action to remediate security vulnerabilities both before a global update is applied and when manual interaction is required to remediate the issue.
Responding to security vulnerabilities
NIST’s computer security incident handling guide lists these four stages of the incident response life cycle:
Preparation
This stage often lays the groundwork for how your incident response will play out. By having established procedures, you limit scrambling for resources and action while your company data is actively at risk. In this stage, your company should ensure they have the proper staffing to handle incidents, including people with technical expertise in networking, server administration, security, etc. Management should also be prepared to coordinate the response and liaise with relevant stakeholders. Teams should have a good understanding of cyberattacks and attack frameworks, a good communication plan and a response strategy.
Detection and analysis
The key to detecting threats is understanding the baseline activity of your network. Benchmarking frameworks like CIS Benchmarks provide a guide for how to configure your system. Using security information and event management (SIEM) software monitors your network and alerts you of suspicious activity. Outputted logs give insight into your network activity, giving you the ability to spot anomalies.
Once an incident is found, the incident response team should analyze and validate it by following a predefined process. This analysis should determine scope, origin and method of the incident. This process should be well documented to inform the next steps.
Containment, eradication and recovery
Incidents need to be contained while still preserving evidence that helps identify the source and method of the attack, if possible. For instance, if a device is being attacked over the network, it can be isolated from the network but kept running for further analysis. Ideally, information about the attack’s origin can be collected.
After containment, the threat should be mitigated, whether this means removal of malware, disabling of breached accounts, patching vulnerabilities or restoring systems from clean backups.
Post-incident activity
Once an incident is remediated, your organization should take the time to analyze how the incident was handled in order to improve the process in the future. Depending on how the incident came into play, teams should develop policies and procedures to prevent or discover vulnerabilities before they turn into active exploits. This could involve investing in an SIEM or additional training for employees, starting or expanding threat hunting practices, or expanding the scope of already existing risk assessments.
Proactive, not reactive
With a mobile device management (MDM) solution, admins have the power to push workarounds to their devices before a vulnerability is patched by the developer. For example, if an app in your self-service catalog gives notice of a potential issue, you can quickly deny users access to the app until the issue is resolved. On a managed Mac, an MDM like Jamf Pro uses a binary in addition to MDM, giving you the following capabilities:
- The ability to write scripts and deploy them through policies to address interim settings/fixes while you wait for a fix from a software vendor.
- Patch notifications in order to know when a third-party patch is issued from the provider.
- Patch policies to automatically scope the patch to the computers that need it for speedy remediation.
- The ability to upgrade or update (when an operating system or software provider releases an update or upgrade). Whether patching critical software is done via a robust binary or a streamlined MDM command, vendors like Jamf empower IT to immediately push important updates to all end users and close security vulnerabilities before a system is compromised.
An MDM solution gives you the power to react to newly discovered system vulnerabilities. An MDM in tandem with endpoint security and an identity and access management (IAM) solution like Jamf Connect improves your security posture by using it to be proactive. Here are a few features this combination provides to secure your devices before an incident befalls them:
- Identity management: Using SSO with cloud identity provider credentials streamlines the user authentication process and reduces the likelihood of compromised credentials.
- Zero Trust Network Access (ZTNA): ZTNA uncompromisingly restricts access to company resources unless the user successfully proves their identity.
- Endpoint security: User devices are constantly and unobtrusively monitored for malware for faster detection.
- Analytics: Monitoring endpoints for malware also gives behavioral analytics to prevent vulnerabilities from turning into exploits.
- Content filtering: Restricting access to risky sites stops malware before it ever on the user’s radar.
- Visibility and compliance: MDMs give you the ability to keep devices up to date with the latest security patches and operating systems, keeping them compliant and as secure as possible.
Apple provided a timely response and administrators could see their work in real time. And, while Apple responded swiftly, many organizations would prefer to not wait on another vendor to patch significant vulnerabilities. Thanks to communities like Jamf Nation and Slack, IT administrators often have the knowledge and, with the Jamf platform, the complete ability to quickly deploy workarounds and the latest patches once they are released by the developer.
Jamf streamlines your incident response process.
HomePod mini is available in South Africa this month
Surprisingly Big Sound in a Compact Speaker
Apple Music on HomePod mini
Home Entertainment with Apple TV
Ultimate Smart Speaker for iPhone Users
Powerful Intelligent Assistant
Effortless Smart Home Control
Designed with Privacy and Security in Mind
Additional Features
- Automatic Siri volume: Siri will also automatically adjust the speaking volume on HomePod mini based on the room environment and volume of the user.
- Fun sounds: Ask Siri on HomePod mini what various animals, instruments, or vehicles sound like and Siri will play a fun, rich sound.
- Find My: Ask Siri on HomePod mini to help locate a misplaced iPhone, iPad, Mac, Apple Watch, or AirTag by playing a sound to pinpoint its location.
HomePod mini and the Environment
- HomePod mini is available in white, space grey, blue, orange, and yellow, and to order through Apple Authorized Resellers and select carriers (prices may vary) starting December 19.
- HomePod mini is compatible with iPhone SE, iPhone 6s or later, or iPod touch (7th generation) running the latest version of iOS; iPad Pro, iPad (5th generation or later), iPad Air 2 or later; or iPad mini 4 or later running the latest version of iPadOS.
Jamf releases Jamf Connect 2.18.0
- Jamf Connect login window has been adjusted to work on more window resolutions without formatting issues. Also the welcome message no longer has a character limit.
- Password policy rules are now only displayed in the Jamf Connect menu bar app when a user is changing or resetting their password.
- [PI110582] The macOS accessibility options can now be accessed on the Jamf Connect login window.
Jamf Connect enables organisations to deploy single sign on login to a Mac using Cloud credentials users already know.
Digital trust: 5 reasons it matters for your business
Digital trust: 5 reasons it matters for your business
Digital trust is the key to your company’s success and customer relationships. Learn what it means and why it’s important for your business.
Trust is the foundation for successful relationships, whether between friends, family, coworkers or business partners. We’ve all experienced first-hand or heard of betrayals and how they make relationships untenable. This experience doesn’t just apply to our personal lives: we put our trust into the companies we buy from and the goods and services we use every day.
Technology’s ubiquitous presence in our lives means we also have to put our trust in the data we give to businesses. Every time we make a purchase, we are putting our personal information—name, card number, items purchased, etc—into the business’s hands. If our data ends up getting stolen, whether via a data breach or intentional distribution, we’re less likely to do business with that company again.
In fact, according to a survey conducted by McKinsey, 40% of consumers will withdraw business with a company after learning their data was not protected. 10% of customers in the last year stopped working with companies after a data breach, even if their data wasn’t affected.
This is why your company needs to establish a solid foundation of digital trust.
What is digital trust?
Digital trust has different definitions depending on who you ask. McKinsey says:
“Digital trust is the confidence in an organization to protect consumer data, enact effective cybersecurity, offer trustworthy AI-powered products and services, and provide transparency around AI and data usage.”
While the ISACA has a more general definition:
“Digital trust is the confidence in the integrity of the relationships, interactions and transactions among providers and consumers within an associated digital ecosystem.”
In other words, digital trust hits on a few important areas surrounding a company’s technological footprint. Companies need to prevent data breaches: security violations where sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an unauthorized individual. So what are the considerations to prevent this worse case scenario? Let’s break it down:
- Privacy: Customers should be informed about how their data is being used, and companies should be transparent about their privacy policies. Data should only be gathered as it is needed to provide the requested service.
- Security: Companies should be making a concerted and deliberate effort to establish strong cybersecurity measures. Solutions like Zero Trust Network Access (ZTNA) control who can access company (and customer) data and keep information behind tightly locked doors.
- Identity: Only authorized users and third-parties should be able to access business apps and data. Companies should have identity and access management policies suitable for protecting company resources.
- Predictability: Businesses should have a well-established, effective threat prevention and remediation strategy to anticipate possible threats and plan for cybersecurity incidents.
- Risk mitigation: A part of reducing possible risks is visibility into the status of your company devices. Monitoring your endpoints and verifying their compliance gives you insight into what threat hunting practices are suitable for your organization and how you can triage and detect unknown threats and vulnerabilities.
- Data integrity: Beyond keeping data secure, companies should ensure that any customer data they do have is complete and accurate while being stored and handled correctly. Data should be readily available when access is needed.
However you slice it, digital trust is about good technological stewardship that protects customer data. McKinsey’s survey reports that customers care about companies having an “ethical and trusted reputation” nearly as much as price, quality and convenience. Indeed, 53% of customers will only buy from companies with a reputation of protecting customer data; this figure increases to 65% for those buying for their organization.
Why is digital trust important?
ISACA anonymously surveyed around 50,000 individuals who are either members of ISACA or have earned one of their certifications or credentials. These are what they reported as the biggest benefits of high levels of digital trust.
1. Positive reputation
Unsurprisingly, 66% of respondents reported that a high level of digital trust leads to a positive reputation for a company. As mentioned above, with 53% of customers in McKinsey’s survey only buying from companies with a reputation of protecting customer data, a positive reputation gives you a bigger customer base than with a negative one. In fact, according to McKinsey, digital trust leaders are 1.6 times more likely to see revenue growth rates of at least 10%.
2. Fewer privacy breaches and cybersecurity incidents
Nearly 60% of respondents reported fewer privacy breaches and cybersecurity incidents for digital trust leaders. McKinsey reports that they are 1.5 times more likely to mitigate data privacy issues and cybersecurity risks while experiencing 8% fewer data breaches in the last 3 years.
3. More informed decision-making
57% of respondents list more reliable data for decision-making as a benefit of high levels of digital trust. A good cybersecurity and data privacy posture helps ensure data quality and integrity by preventing alteration or loss of the data. Beyond mitigating data privacy issues, digital trust leaders are also 2.1 times more likely to mitigate data retention risks. Having trustworthy data allows companies to use their data wisely to make informed decisions in response to their present state, the marketplace and current or anticipated concerns.
4. Customer loyalty
Like in our personal lives, trust breeds loyalty—55% of ISACA respondents believe digital trust leads to stronger customer loyalty. McKinsey’s survey shows that digital trust leaders are 14% more likely to have “strengthen relationships with existing customers and acquire new ones by building trust” within their top three goals for digital-risk management.
5. Faster innovation
44% of respondents say digital trust begets faster innovation due to “confidence in their technology and systems.” Innovation requires sustained relationships from loyal customers and a good understanding of the market and consumer needs; this understanding can be obtained by using ethically harvested and well-maintained data. Companies and customers also need to feel assured that their systems and data are well protected, hence the importance of cybersecurity. Together, these factors inspire the confidence innovation requires.
How to build digital trust
Let’s recap: digital trust best practices can give your company more security, customer loyalty, faster innovation and more. So how do we actually go about building digital trust?
It starts by understanding what the initial obstacles are. ISACA’s report lists the following as the most significant obstacles:
- Lack of skills and training
- Lack of alignment with enterprise goals
- Lack of leadership buy-in
- Lack of budget
- Lack of technological resources
Overcoming these obstacles requires action from a senior leadership team or board of directors, depending on how your company is structured. The top three roles ISACA respondents listed as the most critical for strengthening digital trust are related to IT strategy and governance, security and information technology.
Cybersecurity and data privacy is the foundation of digital trust. Digital trust leaders in McKinsey’s report engage in a number of best practices related to each of these categories, including:
- Using automated tools to prevent cybersecurity events, enhance security and/or reduce overhead
- Having policies for data storage and access
- Integrating security considerations when designing new technology
- Thoroughly assessing privacy risks when using external data
- Deploying active defenses against cyber treats
- Having a incident-response program with regular testing
- Implementing endpoint malware-prevention solutions
- Having procedures to handle data privacy breaches
These practices are a good place to start to build digital trust. It’s important to understand how implementing cybersecurity and data privacy policies help accomplish organizational goals, and to build an organization-wide strategy that helps meet them. Trust doesn’t come easy—companies should have a mindset of continuous improvement to respond to the evolving market and technological landscape.
How to deploy new technology in healthcare organisations
While Jamf has been helping organisations succeed with Apple for over 20 years, bridging the gap between what Apple provides and the user needs, the rapidly evolving healthcare market presents unique challenges for technology deployments.
A crucial consideration to ensure stakeholder involvement and end-user adoption: Focus on how Apple technology can empower users and improve your patient experience. With the end goal in mind, you can develop the most successful strategy for your tech stack of device, network and cloud infrastructure.
In our webinar, How to Select the Right Tech Deployment Model in Healthcare, presenters Adam Mahmud, Jamf Senior Healthcare Product Marketing Manager, and Michael Covington, VP of Portfolio Strategy, discuss how healthcare organisations can most effectively plan successful modern technology deployments.
Apple technology driving healthcare outcomes
While Jamf can count 8 of the top 10 U.S. children’s hospitals, and 13 of the top 20 U.S. adult hospitals as customers, Mahmud shares a recent story from one healthcare institution to illustrate how Apple technology is transforming healthcare.
When the pandemic hit UC Health at the University of Colorado hospital, the need to launch mass vaccination clinics required innovations to handle patients in mobile settings. The change to using iPhone and Epic Rover as primary tools for clinical staff resulted in a dramatic 85% reduction in per-patient vaccination time, dropping from three minutes to 30 seconds.
The transformative outcome: moving forward with standardization of iPhone as a tool of care for all UC Health nursing staff.
Managing and securing Apple in healthcare
As the use of Apple devices continues to grow in healthcare settings, Jamf brings management and security into a single solution offering robust capabilities.
Jamf management tools for healthcare include assistance with:
- zero-touch deployment
- mobile device management
- inventory management
- app management
- remote actions
- self service
Jamf solutions to help secure Apple devices include:
- identity and access management
- endpoint protection
- threat prevention and remediation
- content filtering and safe internet
- Zero Trust Network Access
- security visibility and compliance
Beyond management and security, Jamf extends Apple use cases in many unique ways for healthcare including:
- Jamf API – customized workflows
- Jamf Marketplace – integration partners
- patented industry workflows – solutions around patient experience, clinical communications, telehealth
- Integrations with Microsoft and Google technologies and workflows
Strategic planning for technology transformation
As Michael Covington explains, Jamf is the only company in the world that provides complete management and security solutions for an Apple-first environment that is enterprise secure and consumer simple while protecting personal privacy.
Two key trends influencing technology investments in healthcare institutions: the broad adoption of mobility, and the transition of applications out of the corporate data center.
Today hybrid work and cloud computing require that organisations manage:
- enabling modern devices
- connecting users and data
- managing diverse risk
For healthcare, the protection of patient health data and personally identifiable information is key. As Covington notes, it’s essential to maintaining a solid brand reputation and also important to just do the right thing for patients, for employees, for partners and for everyone associated with the institution.
Maintaining all the required compliances while preserving user experience is critical to successful workplace modernization.
The solution: Trusted Access with Jamf
At Jamf, we encourage our customers to embrace technology that allows their end users to have the same great experience in their work technology that they get in their home technology, while also ensuring that work devices have the right trust. This means the business can ensure that access to sensitive data is given only to authorized users, on devices that have a trusted relationship with the organisation.
We call this trusted access. It’s essentially an outcome-focused workflow that brings together the best of management and security capabilities.
Organisations can achieve Trusted Access by:
- Requiring only authorized users are granted access on enrolled devices
- Providing a secure connection to corporate apps and data
- Delivering comprehensive modern security to defend against an evolving threat landscape
Get deeper into Trusted Access
For an in-depth discussion of developing a strategy for choosing a technology deployment model in your healthcare organisation – whether devices are organisation-owned, single user, shared or personally owned – and a roadmap to the outcome of trusted access, check out the full webinar below.
Watch the full webinar to learn more about how to establish a trusted foundation for modern work in a healthcare organisation with Jamf.
Jamf Safe Internet now available for Chromebook
Jamf believes in empowering people through trusted access to technology.
Our focus on user experience has led us to create network security solutions that are effective, delight administrators, and protect students from inappropriate content as well as over-surveillance.
And it’s now available for Chromebook.
Our core products continue to get better by the year, and Jamf’s management products are still Apple only. Our focus on the Apple user experience remains unchanged.
But why wouldn’t we want to extend the same security to every student, regardless of the device they’re on?
Jamf Safe Internet protects against harm and preserves privacy.
Jamf Safe Internet allows your teams to protect end-users on their devices with content filtering and network threat prevention that is purpose-built for schools.
As schools balance the ability for students to learn anywhere with online safety, many turn to Jamf Safe Internet.
It protects students by:
- Filtering unsafe content
- Allowing admins to block harmful or inappropriate sites
- Blocking phishing attempts if users click on scam links
- Protecting devices from malware and compromised applications
- Keeping students safe without compromising their privacy
Jamf has always used technology beyond the Apple MDM framework. Students require similar student safety experiences regardless of device, and our next-generation network technology makes this possible.
We are so confident in our understanding of network security that we now offer the same protection and privacy on Chromebook with a Google Admin console as Apple managed by Jamf Pro or Jamf School.
Partnership with Google
We developed this technology in coordination with Google to ensure a secure and seamless experience on Chromebook. Working alongside Google gave us the opportunity to understand their ecosystem and build with best practices in mind.
See how Jamf Safe Internet can help to protect your students, regardless of device!