You are accessing this website with an out of date browser. Please update to enjoy an optimal experience.

Customers

Our customers are continually challenging themselves to improve their business, and it’s safe to say we find ourselves working with them as well as for them. From the creative industries to education, we provide a full range of end user solutions and services. Read more

About

We like to think we do things a little differently than your average IT reseller and service provider. Find out more about the company and team here, and swot up on our news, articles and events before your job interview! Read more


What can macOS Catalina do for your company? What you missed from our Mac for Business event

IT managers and support technicians from across the UK joined us at our office in Soho for the latest in our series of Mac for Business workshops to hear how the new operating system provides security improvements – and to get hands-on with the latest Apple technology.

 

Mike Laskey

Dave Hornby, Jigsaw24’s Director of Apple Enterprise Architecture, welcomed our guests at 8 Golden Square. Alongside Dave were representatives from Apple and Jamf, on hand to discuss the finer details of macOS Catalina and mobile device management (MDM) respectively. With Catalina released just over a month earlier, the event gave guests their first look at its new features and MDM functionality.

 
Keeping system files safe and sound

We began with a bit of background to the new macOS and why security was a top priority in developing Catalina. Good device security has always been a concern for IT managers, but its importance has been highlighted further in recent months, with reports on how as many as 57% of companies have experienced a cybersecurity breach within the last three years. 

Guests heard how macOS Catalina features a read-only system volume – effectively an extension of the System Integrity Protection technology introduced in OS X El Capitan – that protects the device by separating system files from all other data to prevent malicious changes or accidental overwrites. For IT managers, this means that a new read-only volume will be created when upgrading to Catalina from an earlier macOS, while user data will be kept separate.

 

New features galore

Next, we looked at System Extensions, a replacement for kernel extensions that allows apps to provide additional capabilities like network extensions and endpoint security to a user’s Mac. System extensions and drivers built with DriverKit run in user space, so – unlike kernel extensions – they can’t compromise the integrity of the operating system.

Further security improvements come in the form of Gatekeeper notarisation. Gatekeeper continues to ensure that apps installed to the device are checked for malicious code, but the notarisation that was optional in Mojave is now essential in Catalina by default. All software must be signed by Apple to run – although MDM admins can whitelist apps.

 

Privacy as a priority

With security covered, it was time for an in-depth look at privacy features. Apple operating systems always focus on user experience, and Catalina gives users more choice and control of their privacy settings than ever before.

In fact, Catalina picks up where Mojave left off by requiring user approval for access to certain application data. For example, as in Mojave, launching the Photos app for the first time creates a user library for future photos to be stored in, but the user must confirm privacy permissions before being able to access that folder.

Catalina extends this requirement to more apps, giving the user more of a say on the privacy of their device. As our workshop guests found out, though, privacy preferences and recording protections can be managed in MDM with Catalina – as can the new support for Activation Lock on all Mac models with the T2 Security Chip.

 

Other Catalina changes

Next up on our agenda was how Catalina is changing device management. The operating system has introduced User Enrolment, which uses cryptographic data separation to maintain users’ privacy when MDM administrators are managing their devices.

Attendees discovered how User Enrolment requires Managed Apple ID for Business, with identities being provided by the organisation’s Microsoft Azure Active Directory. This provides a simplified login experience by combining Azure credentials with Managed Apple IDs within Apple Business Manager, and gives users access to key cloud apps while not allowing them to buy unauthorised software from the App Store.

IT managers also need to note that 32-bit apps will no longer work once they’ve upgraded, and that Catalina comes with a Single Sign-On extension that can be supported via MDM.

 

Day of release support from Jamf

It was now Jamf’s turn to bring our guests up to speed on how their MDM software works with Catalina. Their representative opened by sharing how Apple used the recent Jamf Nation User Conference in Minnesota to reveal that they themselves use Jamf’s MDM software on their huge estate of devices.

This was seen as a statement of support that reflected the close relationship between the two companies, with Jamf working to design their software to not just be compatible with new Apple operating systems but to provide true ‘day of release support’ for new features.

 

Support for User Enrolment and Enrolment Customisation

We’d already touched on User Enrolment, but Jamf made clear that both Jamf Pro and Jamf School support the new framework. Admins have a new way to manage devices securely while not intruding on their users’ privacy – especially if a device is owned by the user.

We were also told how both Jamf Pro and Jamf School now support Enrolment Customisation to deliver bespoke welcome screens, branding and acceptable usage policies.

 

Single Sign-On

Jamf’s representative then outlined how Jamf Pro streamlines how often users need to sign into apps. Thanks to Jamf Connect integration, it can now handle secure authentication by Single Sign-On login.

You can learn more about Jamf Connect and using your corporate identity to improve security by requesting our ‘One login for all all services’ white paper.

 

Practice makes perfect

It was time to see Catalina in action. Guests were given access to Mac notebooks running on the new operating system, with Dave guiding them through some lab exercises to let them experience some of the features already discussed.

Enrolment Customisation was on display first, with a quick boot of the machines demonstrating a custom build with example branding and screens. Next, attendees tested out Catalina’s privacy features by launching the Photos app for the first time, then seeing the prompt for user permission when trying to open the photo library in Terminal.

Finally, we looked at Jamf Self Service, with Dave inviting guests to temporarily promote users to administrators for a set period, and starting a group discussion on how users can easily send IT teams error logs with just the click of a button.

 

Security aware, Catalina ready

With our workshop coming to a close, our guests had learned more about Catalina, why it can help improve IT security, and what to consider before saying goodbye to previous versions of macOS. They’d also seen how combining Catalina with Jamf can provide a seamless MDM experience, trying it out for themselves with guidance from the experts.

 

Join us at Mac for Business

Want to attend our next Mac for Business workshop? You can hear from the experts, get your questions answered and try the latest technology at our Apple Experience Centre.

We’ll soon be announcing the next workshops for early 2020 – keep an eye on our events page to register!

 

Want to know more about macOS Catalina or Jamf? Fill in the form or get in touch with the team by calling 03332 409 214 or emailing business@Jigsaw24.com. For the latest news, follow us on LinkedInFacebook and Twitter.

Featured Products

Related Articles