May 2024 – MacAdmins Meeting

May 2024 – MacAdmins Meeting

May 15th, 2024 – University of Utah, MacAdmins Meeting


mac_mgrs_crowd

The University of Utah, MacAdmins Meeting is held monthly virtually on the 3rd Wednesday of each month at 11 AM Mountain Time. Presentations cover Apple technology and integration in a heterogeneous university enterprise environment. This month’s meeting will be held on Wed, May 15th, 2024 at 11 AM MT and we will provide live broadcasts and archives that will be made available 2-3 days after the meeting.

 

Apple 802.1X  – Dave Pugh


802.1X is a network authentication protocol used to enhance the security of wired and wireless networks. It provides a framework for controlling access to the network, requiring users or devices to authenticate themselves before being granted access. This authentication process typically involves using credentials such as usernames and passwords, digital certificates, or other authentication mechanisms. 802.1X helps prevent unauthorized access to the network by ensuring that only authenticated and authorized users or devices can connect, thereby safeguarding sensitive network resources and data.


Join us for an insightful discussion, focusing on optimizing Apple device connectivity within university networks. Explore how 802.1X, including networks like eduroam, safeguards your campus network, and learn about the role of a RADIUS server in network security. Discover practical strategies for configuring Apple devices to seamlessly connect to these networks using configuration profiles. Gain valuable insights into secure authentication methods such as Login Window Mode into Wi-Fi environments. 

About Dave Pugh

Dave Pugh, CWNE #452, has been working with Apple devices in higher education for over 20 years. Before this, Dave worked at one of the largest internet service providers, which kicked off his love for networking technologies and later joined the IT team at the University of Michigan supporting Apple devices. Since then, he has taken on a role at a different company supporting technology in higher education but has continued to focus on networking, obtaining his Wireless Network Administrator certification in 2013 and built upon that since.


     Note – Please be aware that by Apple’s policy, this presentation will not be recorded or accessible after the live broadcast.  

Microsoft Defender for Endpoint macOS FY24 Updates – Yong Rhee, Microsoft


Microsoft Defender for Endpoint on macOS is a security solution provided by Microsoft to protect macOS devices against various cyber threats. It is designed to provide advanced threat protection and endpoint detection and response (EDR) capabilities to macOS devices, such as MacBooks and iMacs, which are commonly used in enterprise environments. It includes features such as real-time protection against viruses, malware, and other malicious software, as well as advanced threat detection and response capabilities such as automated investigation and remediation of security incidents.



Join us for an exclusive presentation by Yong Rhee, Microsoft Product Manager for Microsoft Defender, as we unveil the latest updates and enhancements to Microsoft Defender for Endpoint on macOS for Fiscal Year 2024. Gain valuable insights as we explore the newest features and capabilities designed to bolster security and protect macOS devices against evolving threats. From advanced threat detection and response mechanisms to seamless integration with macOS systems, Yong will guide attendees through how Microsoft Defender for Endpoint empowers organizations to safeguard their endpoints effectively.

About Yong Rhee

Yong Rhee is a Product Manager for Microsoft Defender for Endpoint, and the areas that he owns are the macOS experience and 1st party data center.  He has been with Microsoft in different roles such as Customer Experience Engineering (CxE), Premier Field Engineering (PFE, consulting), and CSS.

  • Video – To view the archived presentation video, click here.
  • Slides – To view the archived presentation slides, click here. (coming soon)

 

Managed Apple IDs – Michael Scott, Apple


Managed Apple IDs provide educational institutions with centralized control over user access to Apple services and devices, delivering a multitude of advantages. Administered by IT professionals, these IDs streamline provisioning, monitoring, and account revocation processes. Integration with Apple School Manager automates enrollment and management tasks, enhancing efficiency. Moreover, Managed Apple IDs prioritize privacy and security through enforced policies while granting access to a plethora of educational resources available on platforms like the App Store and Apple Books. Simplifying device enrollment and management through Mobile Device Management solutions, they promote collaboration via integrated services such as iCloud Drive and iCloud Mail, fostering a conducive learning environment. Ultimately, Managed Apple IDs enable personalized learning experiences tailored to individual user profiles, boosting productivity and collaboration in educational settings.

Additionally, Managed Apple IDs cater comprehensively to educational needs, supporting features like Shared iPads and Apple Vision Pro, all while ensuring the segregation of work and personal data. Shared iPads enable efficient device management and distribution among students, empowering each with secure access to personalized apps and documents. Apple Vision Pro enriches accessibility features, enabling diverse learners to engage effectively with educational content. Furthermore, Managed Apple IDs facilitate data segregation, safeguarding privacy and security. Leveraging features like Managed Open In and Managed App Configuration, institutions enforce stringent data controls, protecting sensitive information while granting access to educational resources. This separation not only nurtures a conducive learning environment but also shields personal data from unauthorized access.

Do more with Managed Apple IDs - WWDC23 - Videos - Apple Developer

Managed Apple IDs can indeed be utilized with groups in Apple School Manager, offering educational institutions a streamlined approach to managing user access and permissions. By organizing users into groups based on roles or departments, MacAdmins can efficiently assign appropriate permissions and access levels to different sets of users. This allows for better organization and control over user management within the institution’s Apple ecosystem.

Moreover, educational institutions can elevate Managed Apple IDs’ capabilities by federating with Azure/Entra ID, facilitating seamless authentication and access control across Apple devices and Azure/Entra ID-managed resources. This integration leverages existing identity management infrastructure, ensuring consistency and simplifying user management. Enforcing centralized access policies enhances security while enabling single sign-on (SSO) streamlines user experience and reduces administrative overhead. Ultimately, federating with Azure/Entra ID amplifies the effectiveness of Managed Apple IDs, enabling secure and efficient resource access across the educational ecosystem.

Learn about using, deploying, and supporting Managed Apple IDs. Managed Apple IDs are iCloud accounts whose functionality has been tailored for educational use. Learn more about how to use Apple School Manager to provision, and utilize, Managed Apple IDs in your organization.

About Michael Scott

Since 2007, Michael Scott has been a Systems Engineer at Apple, serving the education market. Michael got his start with Apple IT in 2000 when he learned to deploy Mac labs at the University of Colorado. Michael works out of his home office in Denver, and he loves all things MDM, DDM, and visionOS.

     Note – Please be aware that by Apple’s policy, this presentation will not be recorded or accessible after the live broadcast.  

 

Open Discussion


Questions, comments, problems, and fixes.

Directions


This meeting will not be held in person but will be done virtually using Zoom video communications architecture.

With Zoom we will implement the following security best practices:
 
  • Require a Password to Join This meeting will require a password to join the meeting. Information will be emailed via a campus internal list, but if you are external and want to attend the meeting, please use the Contact Us form to receive details. Else, the archive of the meeting will be available 2-3 days after the live meeting.

  • Waiting Room When joining the meeting you will be placed in the Waiting Room by default and the hosts will give you access to the live meeting.

  • Miscellaneous We will also implement other settings and safeguards to secure the meeting.

Archived Presentation(s)


  • Archives of the presentations will be available on this web page.
No Comments

Leave a Reply