JNUC 2024: Jamf brings AI and more to Apple enterprise

Apple management and security services provider Jamf unveiled a series of tools and features to support Apple admins at its well-attended JNUC event Oct. 1, with a focus on AI, security, and all-new solutions to make it easier to manage large Apple fleets.

“In today’s environment, support of hybrid and remote work is the norm and the need for protecting one’s environment is a must. Jamf recognizes the responsibility of an Apple admin has only grown more complex,” said Jamf CEO John Strosahl. 

This year’s announcements certainly seem to reflect the increasing scale of challenges in distributed environments. “We’re streamlining the user experience, making security compliance easier than ever to achieve, and even providing each customer with a seasoned Jamf expert,” Strosahl added.

What did Jamf announce at JNUC 2024?

Improvements discussed at JNUC included:

  • AI Assistant.
  • Declarative Device Management.
  • Compliance Benchmarks.
  • Self Service+.

Apple’s enterprise-focused director of product marketing, Jeremy Butcher, joined Jamf leadership on stage to share insights into what Apple is itself doing to support enterprise deployments of its products.

These span the gamut of the company’s products, from new APIs and automated enrollment for Vision Pro to new features in Apple Business/Schools Manager that make it possible for admins to disable Activation Lock on managed devices. They also include management tools to enable or disable Apple Intelligence. “There’s obviously so much more, but I think most of you have probably been living it for a while,” he said as he left the stage.

With that, let’s take a look at what’s new:

What is AI Assistant?

Jamf CTO Beth Tschida arguably shared the most significant news. Jamf last year began working with generative AI as it attempted to build tools to optimize Apple admin workflows. Tschida explained the motivation: “All of you are in the middle of a rapidly evolving ecosystem,” she said. “Information comes at you at an overwhelming rate.”

The Jamf AI Assistant aims to help navigate all that data. “Think of it like having a Jamf expert at your side to help you make better decisions,” she said during the keynote speech.

AI Assistant is a powerful natural language interface that will soon be available with retrieval-augmented-generation (RAG) functionality in its initial beta offering. Full functionality and availability in admin portals is set for early 2025. 

AI Assistant combines a vast knowledge base powered by RAG and direct integration with Jamf’s product APIs. What that means is that the AI can gather, analyze, and present the most relevant information — and can also actually do things for admins, such as creating subgroups of users for policies. What’s noteworthy about the implementation is that when it does perform a task, it explains what it has done and why in a side window; it’s a big deal, given the black-box decision-making practiced by some AI tools. Enterprise users, in particular, need to know why a certain decision was made.

“AI Assistant will have the ability to decode and contextualize security alerts, providing context about their severity and potential impact, suggest next steps, and take direct action, while keeping a human informed and in control,” said Tschida. “Within seconds, AI Assistant provides a thoughtful response, drawing from its vast knowledge base.” 

The bottom line? What in the past would have taken IT admins many steps can now be handled in a few clicks using a natural language request. 

AI Assistant has another set of tools: it can help admins identify patterns in breaches and integrate with Jamf’s security features. That’s a big deal, as it makes for faster response times, more accurate threat assessments, and tougher security. 

Declarative Device Management with a twist

Jamf has long been an advocate for Declarative Device Management (DDM); like Apple, it believes DDM to be the future of device management. At JNUC, it announced improvements to its Blueprints features, touting a future-ready approach to managing device settings, commands, app installations, and restrictions — all through DDM. 

Molly Mosely, Jamf vice president for product strategy, explained what this is capable of: “You can choose common task templates or build your own. You can drag-and-drop items to build your own custom blueprint, managing everything from Safari extensions to passcodes to use of external storage, and more.”

If the demo from JNUC is to be believed, Blueprints should empower Apple admins to easily and swiftly apply policies across their entire fleets (or parts of those fleets). The company can also make new APIs from Apple accessible across all Jamf users just by adding the appropriate API within the blueprint interface.

Compliance Benchmarks

Another useful set of tools to manage an uncertain world helps admins ensure macOS systems are security compliant. Built on the macOS Security Compliance Project and Jamf Compliance Editor, Compliance Benchmarks in Jamf Pro “simplifies building, managing, auditing, and reporting on CIS benchmark compliance,” the company said.

Available first to Macs (coming later to iPads and iPhones), Compliance Benchmarks bake in key compliance measures and gives admins an immediate view of where they and each device are in terms of maintaining such compliance.

The idea seems solid. It enables admins to ensure industry standards are met when it comes to such compliance. “You shouldn’t have to be a security expert to feel confident your data is protected,” Jamf said.

This takes away the complexity of managing multiple products, with there is more to come. Jamf confirmed it is working with partners to give admins much deeper insight into activity on their fleets using telemetry data, enabling much more in depth compliance management and control. By the end of the year, you’ll be able to audit your Macs like never before.

Self Service+

Jamf has offered a Self Service solution for a while. Self Service+ builds on those features, delivering them through a user-focused application that lets those using managed devices find their own way. This means a company-branded, curated overview of apps and content can be made available. What’s new is that end users can also monitor all their notifications and security alerts within the portal. That makes it easier to ensure employees can find what they need and stay informed without needing to work through multiple apps.

It also makes deployment and provisioning of apps and services a great deal easier for IT.

Please follow me on LinkedIn, Mastodon, or join me in the AppleHolic’s bar & grill group on MeWe.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *