MacOS & Compliance Management

DHR

DHR

Soldato
Joined
30 Apr 2003
Posts
3,469
Wondering if anyone has managed MacOS devices under a compliance management process (e.g. 27001/PCI).

I'm using SCCM and although I only have 10-15 MacOS devices, auditors still want them bring under SCCM, with software, patch management etc, I'm keen to do so as well given the challenges in managing them on a day to day basis without automation and accommodating end users!

I was looking at parallels initially but licensing wise its a minimum commitment of 50 which is beyond overkill.

I need to get PKI certs etc. sorted before I can bring them in under SCCM but I'm interested on thoughts re software and patch management for them, or should i go down the InTune route for just MacOS?
 
If you've already got access to Intune's, then i'd certainly start there - can't say i've personally used it.
But the obvious choice would be to go down the MDM path and opt for (the standard) JAMF - extremely powerful and will do everything you'll need (has a SCCM plugin too). However, i suspect you would have to go to a partner (DataJar etc) for licensing as JAMF themselves have minimum commitments.

There's plenty of 'homebrew' solutions (Munki, MicroMDM etc) for managing MacOS and whilst usually free/cheap, it can be a time sinkhole cobbling together apps/services.

I did see someone mention ManageEngine Desktop Management on another thread - looks interesting for (very) small deployments and i believe you can leverage SCCM.

Edit - Just to add, i'd recommend joining the MacAdmins Slack Channel (https://macadmins.herokuapp.com) as it's a great resource for anything and everything to do with Apple deployments and management.

Cheers for the heads up will look into that!
 
Back
Top Bottom