Microsoft Teams with Jamf on Conditional Access for Macs
Microsoft Intune is now able to provide "conditional access" security compliance protections to Mac devices courtesy of a partnership between Microsoft and Jamf, a provider of management solutions for Apple devices.
The Microsoft-Jamf collaboration brings together the conditional access policies of the Microsoft Enterprise Mobility + Security (EMS) suite, as enabled through the Intune mobile management solution, in conjunction with Jamf Pro Mac management capabilities. Specifically, it requires the use Jamf Pro version 10.1.
Last week, the two companies announced that this conditional access support for Macs has reached the "general availability" stage, meaning that it's ready for use by organizations. Their initial collaboration had been announced back in September.
The conditional access scheme works when Macs are managed using Jamf Pro and registered with the Azure Active Directory identity and access management service. Jamf Pro inventory data gets shared under this scheme, permitting Microsoft Intune to perform a conditional access check before permitting end user to access an organization's resources. The conditional access policies get set by IT pros. They can ensure that Mac devices have up-to-date software, or that other security precautions are in place, before granting network access.
The conditional access for Macs approach is shown in this diagram:
If a Mac device is found to be noncompliant under this scheme, end users can be given a chance to use Jamf Self Service "to fix any security issues," according to the announcement.
A Jamf Web site description of the conditional access approach suggested that it permits Macs to live in the Windows world as "tier one" devices, with no fears when accessing "Office 365 and other cloud and on-premises resources." The service works without having to use proxy servers, it added.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.