June 10, 2019
Mac
MFA
Endpoint Authentication

The Future of Mac Management: Opening the Door Through Innovation

Eric Kuhlmann headshot
Eric Kuhlmann Senior Product Manager
Mac Security hero

From Airpods to Iphones to Macs, Apple products can feel ubiquitous. Mac computers now make up almost 10% of the enterprise workstations, and are often favored by executives, designers, developers, and other key creators of core intellectual property. As their popularity and usage continue to grow, any vulnerability to breaches must be addressed as companies secure Mac endpoints.

In 2017, we saw a malware increase of 80% on Mac computers as hackers continued to target all operating systems looking for a vulnerability. Apple continues to bake security enhancements (for example, like preventing tracking of users from website to website) but it only takes one compromised computer to endanger an organizations’ sensitive data. Enter Idaptive's Mac management solution, just one of our many endpoint protection capabilities.

Idaptive’s Mac management solution provides the ability to ensure the endpoint is trusted before granting access to a user. There are various contexts with which an authentication policy can be tied. For example, access can be allowed or restricted based on the time or location. If the state of the device is unknown, the user can be challenged with Multi-Factor Authentication (MFA) or blocked access to the resource. Idaptive leverages the data about the user, their device(s) and behavior to allow access, block access or enforce additional authentication – giving the user just the right amount of access they need to perform their job at any given time. Devices can also be locked, located and wiped should they be lost or stolen.

Endpoint Authentication augments our robust MFA offering to enable Idaptive customers the ability to manage Macs while off the corporate network without a VPN. Though the cloud, Mac users can login to remote Macs using their corporate credentials regardless of whether they use our Idaptive Directory, AD, LDAP or 3rd party cloud directory service. This allows us to offer cloud delivery of the full suite of AD policies for Mac security and configuration management.

Using Endpoint Authentication, the Cloud Directory can serve as a virtual directory, allowing users to login to applications, endpoints and services using their existing enterprise credentials (AD or LDAP), enabling a seamless transition from an existing legacy directory to the Idaptive Cloud Directory. Additionally, through the use of our authentication APIs, this capability can be extended to browsers and homegrown applications.

Idaptive Mac Management not only offers MFA for macOS login, including Bluetooth for offline second factor authentication, Hardware Token support with Yubico, but also Self-Service Password Reset (SSPR) and Self-Service Account Unlock (SSAU). Behind these powerful capabilities we have our behavioral-based, machine learning, analytics engine. This all comes together as Idaptive’s ‘adaptive’ MFA solution – MFA everywhere, regardless of the endpoint, adaptively looking to intelligently limit or grant access to applications and endpoints based on user behavior.

The appeal of a sleek new Mac is undeniable, but it would be a pity to leave it anything less than secure. If you’re looking to try the Idaptive Mac management solution or our Next-Gen Cloud Directory to accelerate your cloud and mobile first initiatives, sign up for our free trial here