How do you allow Macbooks in your environment? Our Marketing team requires them for the nature of their work, but IT has been reticent. I suggested leaving Macbooks off network entirely, but we still need efficient file share option and/or VPN access. What solutions have you employed?

NetworkDevice Management
2k views1 Upvote8 Comments
Sort By:
Oldest
Mission Diplomatic Technology Officer in Governmenta year ago
We do, about 5% of our 100,000 users are on MacBooks.
1 2 Replies
SVP of Marketing in Bankinga year ago

How did you mitigate any infosec concerns? 

Mission Diplomatic Technology Officer in Governmenta year ago

A blend of security tools and network isolations. Multiple networks, the least secure has browsing, but application access is through MFA either Microsoft or Okta with a card. Microsoft or Okta mfa depending on sought resources.

The Mac experience does not have parity to the windows experience, but supports necessary missions of the work.

lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
Senior Director, Technology Solutions and Analytics in Telecommunicationa year ago
We have several Macs among our fleet of laptops as well. I'd recommend you look into a Mac MDM that works within your Microsoft Ecosystem. If you have Microsft Intune there is a MacOS client, there is also Jamf but I haven't used that in years. 
1
Leader of Domain and Enterprise Architecture in Retaila year ago
We have a large percentage of users in the US on MacBooks esp. for online, marketing, and others including myself.  We use Jamf to manage, CISCO Anyconnect, and Intune.  It works quite nicely for me and I'm on the Apple M1 Max chip.
2
Principle Consultant in IT Servicesa year ago
We allow resources to pick the device that helps them do their job. Many of our sales personal and engineers use Macbooks. We have added several tools to help secure the environment, like Intune, Crowdstrike, and Manage Engine.
2
Senior IT Manager in Governmenta year ago
Properly configured and administered, the Mac OS can be as secure, if not more secure, than the Windows Platform. We offer our user community a choice of either Mac or Windows as their primary device - finding it best to let people use the tool that works best of them. Properly configured and administered, the Mac OS can be as secure, if not more secure, than the Windows Platform. Through Apple Business Manager, our Mac laptops are all firmware tied to our organizational ID, so they will look to our JAMF instance to reimage remotely even if they're stolen and wiped clean. We use JAMF to manage our MacBook fleet and Maas360 to manage our Windows machines. 
1

Content you might like

In the age of cloud computing and remote working, is the traditional firewall dead?

CloudEnd-User Services & CollaborationEngineering+10 more

The firewall is dead46%

Long live the firewall53%

4.5k views2 Comments

Has anyone switched from Cisco ISE to Portnox for RaaS and TACACS+? As a long-time Cisco customer, I find the idea of not having to upgrade and deal with security patching anymore is appealing.

Security Strategy & RoadmapNetwork
1.3k views

We as a TSO company in the utility sector, looking into replacing our Layer-2 (SDH) wan network. Due to the fact of the technology is going EOL. Unfortunately, a lot of our colleagues is not started the transition, so I’m trying to see if there are other equals who are planning or are in the process of changing their SDH network to get some feedback on how your approach was. Anyone out there who has been through the same process?

NetworkStrategy & Architecture
10.1k views3 Upvotes

What is your organization’s current status for implementing endpoint security to protect O365 on mobile devices?

End-User Services & CollaborationSecurity & GRCDevice Management+14 more

Implementation complete23%

Implementation in progress54%

Planned within the next 12 months12%

Not planned7%

Not enabling O365 on mobile2%

View Results
2.4k views2 Upvotes

I am trying to find a definitive definition of what a logical air gap is. There are various mechanisms of backup access isolation that can be employed but it seems to be a very gray area in terms of an explicit definition. Has anyone come across a definition that might even include a sliding scale of more restrictive logical air gap defenses? For example, I think about several access related configurations that could involve Role based security, MFA, SDN, Firewall, WAN, etc.

Backup & Disaster RecoveryNetworkStorage+4 more
Director of IT in Healthcare and Biotecha year ago
I agree that "logical air gap" isn't the ideal term. Air gap is easy, there is no data connection between systems/networks, only air, and as long as nothing is transported between them it will be secure (security ...read more
1
1.1k views1 Comment