June 2023 – MacAdmins Meeting

15 Jun June 2023 – MacAdmins Meeting

June 21st, 2023 – University of Utah, MacAdmins Meeting

The University of Utah, MacAdmins Meeting is held monthly virtually on the 3rd Wednesday of each month at 11 AM Mountain Time. Presentations cover Apple technology and integration in a heterogeneous university enterprise environment. This month’s meeting will be held on Wed, June 21st, 2023 at 11 AM MT and we will provide live broadcasts and archives that will be made available 2-3 days after the meeting.

DLP Solution for Mac – Roman Foeckl,  CSO/Founder Endpoint Protector by CoSoSys

Endpoint Protector is a data loss prevention (DLP) software solution designed specifically for macOS. It offers Mac administrators a comprehensive set of tools to enhance data security and prevent data breaches on Mac endpoints. With content-aware data loss prevention capabilities, administrators can scan and analyze various file types to detect and prevent the unauthorized transfer or leakage of sensitive information. This helps ensure compliance with data protection regulations and safeguard valuable data assets.

One of the key features of Endpoint Protector is device control, which enables administrators to manage and control peripheral devices connected to Mac endpoints. By setting policies, administrators can allow or block specific devices such as USB drives, external hard drives, printers, or cameras, mitigating the risk of data exfiltration or malware introduction through these devices.

Endpoint Protector also provides file tracing and shadowing functionality, allowing administrators to monitor and track the movement of files within the organization. This feature creates a detailed audit trail of data transfers, helping administrators investigate data access and identify potential security incidents. Additionally, the software supports encryption and password protection of sensitive data, offering an extra layer of security.

Although Apple software has security as a top priority, the macOS alone may not be enough to prevent internal threats such as data exfiltration by users, whether intentional or not, and comply with data protection regulations. This presentation focuses on the security measures that administrators must implement to meet the minimum standards for data compliance, including Personally Identifiable Information (PII), financial data, and organization intellectual property. Additionally, the session explores the latest developments in technology, such as Apple’s Vision Framework, which enables even better detection of data loss threats with a 10x improvement in Optical Character Recognition (OCR) accuracy and a 3x reduction in processing time.

About Roman Kudiyarov

Roman is the Founder and Chief Strategy Officer of CoSoSys. Before founding the company in 2004, Roman worked for Goldman Sachs in Frankfurt, Germany, and Paris, France. Roman’s vision is to offer an easy-to-use and implement Data Loss Prevention Solution that covers all popular platforms, from macOS to Windows and Linux, so large and small businesses can protect their data against accidental loss or intentional data theft.

• Video – To view the archived presentation video, click here.
• Slides – To view the archived presentation slides, click here.

Jamf Pro LAPS  – Garett Schmidt & William Smith, Jamf

LAPS, also known as Local Administrator Password Solution, is a security feature initially developed by Microsoft in 2015. It was designed to address the need for automatically rotating passwords for shared IT administrator accounts on end users’ computers, primarily in Windows environments. Over time, LAPS has gained recognition as a standard industry term applied across different platforms. The use of shared admin accounts on end users’ computers has posed significant security concerns. These include the vulnerability of the entire fleet if the credentials are compromised, the lack of control over who can access the credentials, the potential risk to end-user privacy and sensitive data, and the complexities involved in changing credentials when an administrator departs from the organization.

By implementing LAPS, organizations can mitigate these security risks by ensuring that passwords for shared IT administrator accounts are automatically rotated. This helps to minimize the impact of credential exposure and provides better control and auditing capabilities over access to sensitive resources.

For MacAdmins, LAPS functionality was included with open source tool macOSLAPS. macOSLAPS is a tool that brings the functionality of LAPS (Local Administrator Password Solution) from Windows to macOS. It is a Swift binary that can be installed on macOS devices to perform randomization of the local administrator password. The purpose of macOSLAPS is to enhance security by regularly changing the local administrator password on macOS clients.

Recently Jamf added support for Local Administrator Password Solution (LAPS) in Jamf Pro 10.46.0. Garett Schmidt and William Smith with Jamf will demonstrate how to use the new feature and discuss what’s planned for future development as LAPS support evolves in Jamf Pro.

About Garett Schmidt

Garett has been with Jamf since 2014, starting as an intern in Support. He was there for about 4 years on the tier 4 Support Engineer team when he found he had a lot of interest in helping make the quality of Jamf’s products better. So, he joined the Engineering side in 2018 and has been on the Neon/Wolfpack team ever since. His team has a primary focus on the MDM side of Jamf Pro but they’re also a feature team, often working on the new features that Apple has introduced or, in this case, LAPS.

About William Smith

Bill helps train and support internal Professional Services engineers as well as partners delivering services on behalf of Jamf. Occasionally, he’ll contribute to the Jamf Blog or Jamf Tech Thoughts, present technical webinars for customers, and speak on his experiences helping customers at the Jamf Nation User Conference or other conferences. He’s been a customer, an Integrator, and an employee over the past 20 years.

• Video – To view the archived presentation video, click here.
• Slides – To view the archived presentation slides, click here.
  
  

Jamf Composer – Sonia Rodriguez, Jamf

Jamf Composer is a package creation utility designed for MacAdmins to easily create software installation packages within Mac networks. It allows administrators to configure and customize software before distributing it to end users, saving time and resources. Composer supports various package formats, including standard or flat .pkg, mpkg, or .dmg, and can be deployed using Apple Remote Desktop or other patch management systems.

Key features of Jamf Composer include drag-and-drop package building, a built-in Quick Look file viewer, and the ability to create packages from pre-installed software using “PreInstalled Diff” files. It also offers a package editor with productivity features such as managing scripts, localizations, and file changes.

Jamf Composer can monitor the file system using FSEvents, eliminating the need for creating snapshots during package creation. It does not require Apple’s Developer Tools to be pre-installed, and it provides the option to create signed, flat PKGs.

Jamf Composer is available as part of the Jamf Pro suite or as a standalone Mac package creation utility for purchase.

About Sonia Rodriguez

Sonia Rodriguez is a dedicated Professional Service Engineer at Jamf, a prominent company specializing in Apple device management solutions. With a strong focus on customer satisfaction, Sonia leverages her expertise to assist clients in implementing and optimizing Jamf products according to their unique business needs and objectives. Drawing from over five years of experience in the IT industry, including her previous role as an IT specialist at a major corporation, Sonia brings a wealth of knowledge to her work.

Beyond her professional pursuits, Sonia is fueled by a passion for education and sharing knowledge. Currently, she serves as an esteemed educator, teaching college courses on computer science and cybersecurity. Her commitment to staying at the forefront of technological advancements motivates her to continuously expand her skill set and embrace new opportunities for growth. Sonia thrives on challenges and welcomes fresh ventures that push her boundaries, allowing her to constantly evolve in her field.

• Video – To view the archived presentation video, click here.
• Slides – To view the archived presentation slides, click here.

Open Discussion

Questions, comments, problems, and fixes.

Directions

Due to the coronavirus (aka Covid-19) crisis, this meeting will not be meeting in person but will currently be done virtually using Zoom video communications architecture.