Jamf Now or Jamf Pro: Which is right for you?

by Daniel Weber

You may know Jamf as the standard for Apple device management. If not, very nice to meet you.

With Mac, iPad, iPhone and Apple TV devices becoming commonplace in organizations, hospitals and schools around the globe, many are discovering that a purpose-built Apple management solution is necessary to accomplish their goals with Apple.

Any of this sound familiar?

  • We purchased Macs, now how do we get the right stuff on them for our employees?
  • How can I turn my iPad into a point-of-sale terminal?
  • How do I ensure students’ privacy is protected when using education technology?
  • Can my staff get the resources they need without bugging IT every time?

Yeah, you need management.

Since expertise, goals, requirements and scenarios vary, we didn’t want to shoehorn you in to one management solution. So, we created two distinct tools — both of which will always support Apple releases and features on day one — to address your unique needs: Jamf Now and Jamf Pro.

Who is Jamf Now for?

Most commonly used by small to mid-sized businesses, Jamf Now is streamlined Apple device management; no IT required. When IT is not your day job, or you have a more simplified environment, Jamf Now is for you.

What do the “basics” get you?

For starters, here’s what you won’t get: a sales pitch, software training or product documentation. There’s no need! We’ve designed Jamf Now so that you can, well, start now. Jamf Now walks you through every stage of your account creation to ensure you have all the necessary pieces in place to start managing devices. Tailor-made for small to medium-sized organizations, Jamf Now helps you:

Setup: Enroll devices into Jamf Now via user-initiated enrollment or zero-touch through Apple’s Device Enrollment Program (DEP) — now part of Apple Business Manager. Once enrolled, configure Wi-Fi, email, calendar and contacts, and set basic iOS restrictions on your devices. You can enjoy ongoing device customization by leveraging a Jamf Now Blueprint. Create multiple Blueprints to define settings and apps, then deploy a Blueprint to a device or set of devices. For example, XYZ organizations can use the XYZ blueprint to automatically apply settings 1, 2 and 3, along with the most commonly used apps.

Inventory: Keep track of device settings and details by viewing inventory status within Jamf Now or by exporting inventory reports to spreadsheets to demonstrate compliance.

Manage: Jamf Now can help you purchase Volume Purchase Program (VPP) apps and centrally deploy them to the appropriate devices. VPP is now part of Apple Business Manager, as well. Single App Mode through Jamf Now allows you to lock your iOS device to a single app, turning it into a point-of-sale or kiosk in retail locations.

Protect: Require that a passcode be on all Jamf Now enrolled devices and enforce native Apple security features such as FileVault 2 for Mac. If a device is lost or missing, disable and locate and/or remotely lock and wipe to ensure the device, user and data remain secure.

Who is Jamf Pro for?

Organizations that have scaled beyond basic Apple device management, and need a more robust tool to help manage employee or student devices turn to Jamf Pro. When you have a dedicated IT admin or team, you require enterprise-level features and functionality. Jamf Pro offers everything Jamf Now does and so much more in the form of:

Deployment: Aside from offering zero-touch deployment to provision the perfect Apple device right out of the box, Jamf Pro also integrates with Apple School Manager or Apple Configurator — allowing you to truly choose the manner in which you enroll Apple devices. If you already have Macs on your network (or think you do), Jamf Pro provides a network scan to identify any unmanaged Macs. Once located, quickly enroll the devices into management. For traditional environments that are not yet leveraging zero-touch enrollment, macOS imaging tools are available to help these organizations meet their deployment needs.

Inventory: When default inventory collection is not enough, Jamf Pro empowers you to build Smart Groups based on inventory criteria without using complex query language. Smart Groups update every time a device checks into Jamf Pro, so they’re always up to date. Group membership can trigger policies for automated management actions or be used in reports. Reports can be run on any inventory category (and even make a dashboard view for instant report visibility) to make informed business decisions and demonstrate compliance. If a device falls out of compliance, get an alert so you can take swift action.

Device management: Go beyond basic configuration profiles and use policies and scripts to truly customize your devices. Want to modify account permissions? No problem! Need to have a custom script run every time a user logs in? Easy! No macOS or iOS restriction is off limits. Run custom scripts and advanced configuration profiles to open the door for infinite device management capabilities. Plus, Jamf Pro provides full Apple TV support, so you can manage them just like an iPhone or iPad.

App management: Looking to develop your own in-house apps or leverage apps outside of Apple’s App Store, such as Adobe Creative Suite? Jamf Pro is for you. With Jamf Pro, you can purchase App Store apps in bulk using Apple’s deployment programs, pre-configure App Store, third-party or In-house apps, and distribute them in the manner of your choosing.

Self Service: Create your own custom app catalog and offer tier-zero self-help tools to users — all without them ever submitting a help ticket. You load Jamf Self Service with resources, content and trusted apps, and users access them on demand. To encourage adoption, brand Self Service with your banner, logo or dock icon.

Security: Beyond enforcing native Apple security settings to restrict malicious software and protect personal and corporate data, Jamf Pro gives you the tools to secure VPN configuration, manage local macOS accounts and administer management privileges at a granular level. Manage FileVault and Gatekeeper settings, block specific software from running, enforce restrictions – like disabling the camera or iCloud — and even manage kernel extensions all with Jamf Pro.

Patch management: Software and data breaches often start by attacking out-of-date software. To combat this vulnerability, Jamf Pro offers patch management functionality to identify and automatically deploy software and OS patches to eligible computers and bring them into compliance. You define user interactions and set deadlines to update. Jamf Pro is the only solution with automated patch alerts for third-party apps built right into the platform. No other tool allows you to identify, package, distribute and report on patches the way Jamf Pro does.

Integrations: Leverage your existing tools and seamlessly integrate Jamf Pro with the management tools, network access controllers, and other IT services and technologies you already have. If you utilize Apple deployment programs, Active Directory, Single Sign-on, Microsoft System Center Configuration Manager (SCCM), Microsoft Intune, Cisco ISE (and many more), Jamf Pro can pair with it. From cross-industry integrations to specific solutions, visit the Jamf Marketplace to see the 200+ providers Jamf Pro integrates with.

Services: To ensure success, all sales of Jamf Pro include new customer primer sessions and a personal training and implementation engagement. Through remote and on-site sessions, you’re equipped with the tools necessary to immediately begin implementing solutions to the challenges you face in the ever-evolving Apple ecosystem. Following your initial engagement, Premium Services are available to focus on your priorities in the form of enhanced workflow design, implementation strategies, security management and much more.

Support: When you purchase Jamf Pro, you join a customer community and have access to a team of experts versed in Jamf and Apple technology. Support is available via chat, email or phone during business hours, and there’s no max number of support cases you can create. Premium Support is also available should you desire round-the-clock support, priority escalation, product issue reports and a dedicated Jamf expert.

Training: Basic, intermediate and expert level training courses are offered to provide Jamf Pro customers with hands-on experience and in-person access to Jamf and Apple experts.

Still not sure which is right for you?

Don’t worry, with 96 percent of Jamf Pro customers renewing their contracts every year, you can’t go wrong. And you’ve really got nothing to lose by trying our solutions, because hey, they’re free to test drive. As an added bonus, the first three devices with Jamf Now are always free.

Let us help you get the most out of your Apple devices. It’s what we do best.


CYOD: Users choose, IT Wins

Clayton Campbell | Director, Onsite Group

When it comes to attracting and retaining top talent in the enterprise, the landscape is more competitive than ever. With the highest global talent shortage in 10 years, it’s no wonder that the next major priority for organisations is creating the ultimate employee experience. The best place to start is with the devices employees use to do their jobs everyday.

‘Bring Your Own Device’ was considered a great solution: employees used their own devices, plugged into the company systems, and everyone wins. The workforce is happy with the devices and the company gets a boost in productivity. But this didn’t last, because the administration and security concerns around those devices could not be ignored.

BYOD has been a disaster to many, but it would not benefit anyone to regress to the old way of doing things. So instead businesses are applying a new way of thinking: ‘Choose Your Own Device’. In CYOD, the company procures the devices, but the employees have a say in what they prefer to work with.

“Traditional BYOD gave limited access to corporate infrastructure,” explains Clayton Campbell, Director of the Onsite Group. “Employees could connect to company networks over Wifi or the internet, but the company couldn’t really lock down those interactions because they didn’t own the device. The user had power over what they could and couldn’t do. With CYOD, the company owns the device and has full control to handle security and restrictions. But employees have the freedom to choose the device.”

This is complemented by a parallel trend: the growing popularity of Apple devices in enterprises. Apple was once not so closely associated with the business world. Back in 2010, the late Steve Jobs complained about the enterprise market, saying it didn’t take user choice into account under the yoke of IT departments controlling all aspects of device allocation.

The rise of Apple in the enterprise

But much has changed. Smartphones led a revolution that switched gears, through BYOD and full circle - except user choice is now ingrained in the process. Apple has become a very sought-after brand by enterprise warriors.

“It’s been a Microsoft environment because IT made the decision. But more users are pushing back. They want Apple devices. So corporations are looking to give users more choice and a lot are choosing Apple.”

Research concurs: Good Technology's Mobility Index Report declared that iPhones accounted for 72% of all enterprise smartphone activations during Q1 of 2017, a number that has grown since. Jamf, a device deployment and management platform that specialises in Apple products, claimed that 99% of large organisations now have iPhone and iPad presences and of organisations with choice programmes 72% of employees choose Mac and 28% choose PC.

Yet managing these devices has its own challenges. Too many organisations are trying to shoehorn all of its device management into a single platform that tries to appease them all: Apple, Windows and Android. The results are lacking, to say the least, and as a result, many IT departments are not seeing the benefit of bringing non-Windows devices into play.

Users do it themselves

But this is an entirely different story when using a specialised management suite. Suites such as Jamf are creating authentic ‘unpacking’ experiences for workforces. A new MacBook can be taken fresh out of its wrapper, logged onto the company Wifi network, and a short enrollment process begins. Fifteen minutes later an employee is ready, secured and fitted with all the required apps and policies (and none of the unwanted stuff) - all without the intervention of IT personnel.

IT departments used to focus on horizontal device segmentation - a laptop is a laptop, a phone is a phone, etc. - for the sake of easier management. Now modern specialised management suites let them open the gates and not be bound to just one track, says Campbell:

“IT doesn’t need to commit to one ecosystem. We’re saying the users should be provided with a choice. Users can choose what they like - it’s the way we manage those devices that’s different. Employees can blend devices and only IT sees the difference.”

The truth is that users are already getting their way. Numerous South African enterprises, especially among the supposedly-stoic banks, are investing in thousands of Apple devices for their employees. Resistance is futile. But IT doesn’t need to fight the tide. Enrollment and management become hands-off yet simple when deploying a specialised management suite that focuses on specific ecosystems. Lego, the manufacturer of those famous plastic toys, owns tens of thousands of Apple devices, all managed by one administrator.

“The old horizontal way is the wrong way to do it. Look at it with an ecosystem perspective. Manage Apple with Apple, Android with Android, Windows with Windows. Then you can start unlocking tools to let users have an overall better experience while the business remains protected.”

If your business is looking at deploying Apple devices in the enterprise or starting a user choice programme, we would love to talk to you. Visit www.onsitegroup.co.za/business for more information.

Apple WWDC 18 Take Aways

WWDC 2018 Take aways

-Clayton Campbell

Apple hosted its 2018 World-Wide Developer conference yesterday in San Jose, although there were no hardware releases, Apple has placed huge focus on their software and have released some very cool new features to look forward to! Here are some of our favourite take aways from the event. 

iOS 12

Apple are releasing iOS 12 in the spring time and with iOS 12 comes an increase in speed! Everything will load up to 40% faster and will work on all devices that currently run iOS 11.

Memoji comes to iPhoneX! Create cool Animoji's of your self to use in texts.

Siri Shortcuts

Apple have brought work flows to the Eco System! If you rely on the full ecosystem this is pretty neat! Personally I use everything from maps on my phone, to an Apple HomePod at home that controls my lights and a Tile that lets me know where my keys are.  With Siri Shortcuts, I can now tell Siri I'm heading home, she can then notify me exactly where my keys are, how long it will take me to get home on the best route, turn my lights on at home and get my favourite album playing on my HomePod. Pretty cool!

Digital Addiction Tools!

This one gets me really excited, as we work with a lot of schools and children managing screen time poses to be a difficult topic for parents and teachers. Apple has now introduced tools that allow you to monitor how much time you spend on Apps, set yourself limits, or if you are a parent, using Family Sharing disable certain apps and even limit devices to core functions like phoning!

This is going to be a game changer!

MacOS Mojave!

This is my all time favourite update! MacOS now has dark mode, allowing you to switch away from bright windows to a more darker theme, a new sexy dynamic changing desktop that changes throughout the day.

For the user who has a messy desktop, the best feature of all goes to Stacks! Apple now automatically sorts like for like files into stacks on your desktop giving you an organised look and an easy to find tool for the files you access frequently.

iOS apps are coming to MacOS in late 2019 but Apple have started with the launch of Home, News and stocks coming to the Mac this spring.

Security and privacy

Security and privacy is a key undertone of all Apples new releases, data privacy and user protection is a huge focus, no more pesky adds and unknown data collection in Safari.


ARKit hits version 2.0. bringing developers more tools to use and create amazing AR immersed experiences - with this Apple launches Measure - a new App that acts as a ruler to measure 3D objects.

Group FaceTime!

This is something I am personally excited for - perhaps we can let go of Skype now? FaceTime up to 32 people at the same time, hopefully we can finally say goodbye to “hello, can you hear me?”

Apple Watch

Apple Watch got some cool gym updates and the ability to compete with your friends in Activity, but the coolest update of all is definitely the Walkie Talkie App! This has so many real life applications, especially for my field services team!

Some very exciting software developments happening with Apple and iOS 12 and MacOS Mojave, if your organisation needs assistance in deploying Apple Devices to its users, Onsite can help. We currently assist some of Africas biggest brands deploy Apple devices to their users. Read more about this on our Website - www.onsitegroup.co.za