Microsoft Intune Now Supports Conditional Access for Macs via Jamf Partnership
A solution to add "conditional access" security compliance protections to Mac devices, using technologies from Microsoft and Jamf, is now commercially available.
The conditional access solution for Macs is derived from a partnership between Microsoft and Jamf, a provider of management solutions for Apple devices. Their collaboration brings together the conditional access policies of the Microsoft Enterprise Mobility + Security suite, as enabled through the Microsoft Intune mobile management solution, in conjunction with Jamf Pro Mac management capabilities. Specifically, it requires the use Jamf Pro version 10.1.
Today, the two companies announced that this conditional access support for Macs has reached the "general availability" stage, meaning that it's ready for use by organizations. Their initial collaboration had been announced back in September.
The conditional access scheme works when Macs are managed using Jamf Pro and registered with the Azure Active Directory identity and access management service. Jamf Pro inventory data gets shared under this scheme, permitting Microsoft Intune to perform a conditional access check before permitting end user to access an organization's resources. The conditional access policies get set by IT pros. They can ensure that Mac devices have up-to-date software, or that other security precautions are in place, before granting network access.
The conditional access for Macs approach is shown in this diagram:
If a Mac device is found to be noncompliant under this scheme, end users can be given a chance to use Jamf Self Service "to fix any security issues," according to the announcement.
A Jamf Web site description of the conditional access approach suggested that it permits Macs to live in the Windows world as "tier one" devices, with no fears when accessing "Office 365 and other cloud and on-premises resources." The service works without having to use proxy servers, it added.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.