After that IBM / Mac / JAMF announcement, it’s a good time to ask: What’s your Mac strategy?

Last week IBM announced a new service to help companies integrate Macs, officially part of their IBM MobileFirst Managed Mobility Services program. The new offering follows their own internal increase in Mac usage (their "Macs@IBM" program).

Last week IBM announced a new service to help companies integrate Macs, officially part of their IBM MobileFirst Managed Mobility Services program. The new offering follows their own internal increase in Mac usage (their “Macs@IBM” program). IBM is using JAMF Casper Suite as the OS X management platform.

Naturally much of the coverage is concentrating on the “PC maker is embracing former rival” aspect of the announcement. But in our world, we know the interesting part of this are the challenges that come from managing these non-Windows devices.

There are actually many ways to manage Mac OS X (contrary to the annoyed utterances the can occasionally be heard from desktop administrators when somebody walks in with a Mac).

  • OS X can bind the Active Directory, natively out of the box without any third-party tools.
  • There are a wide variety of third-party management tools (some commercial, some open source).
  • OS X supports many of the same MDM APIs as iOS. This has been emerging over the last few years and gradually getting more powerful.
  • Various forms of desktop virtualization can be used.

We should take a second to talk about JAMF for anybody that might have read the IBM announcement and not been familiar with them. JAMF has been around since 2002, most prominently in all the traditional Mac strongholds like graphics and education. JAMF is almost entirely dedicated to Mac management (with some EMM, too), and is considered to be one of the best OS X tools out there (they have a lot of fans). Congratulations to them on the IBM announcement.

Changing Mac Strategy?

Given all of these options, and keeping last week’s IBM announcement in mind, what’s your Mac strategy going to be?

Yes, IBM’s announcement is significant, but also remember that the overall Mac changeover is more slow and steady. Increasing usage of Mac OS X among rank and file employees (i.e. not specialties like graphics and design that have been using them for years) has been an ongoing trend (and topic of conversation and hand wringing) for years.

The rise of Mac OS X in the enterprise is also quite different from the rise of iOS and Android. Yes, they’re the same in that they’re all non-Windows (and thus somewhat alien). But Macs are still desktops and laptops, whereas mobile devices have a completely different interaction model that calls for entirely new app concepts.

Anyway, you may or may not be at the point where you’re ready to change the way you deal with Macs. If you’re already in the camp of using JAMF or any of the many other third-party management tools, then you’re all set. You’ve probably already had Macs for years, for specific reasons.

But if you’re at a company where Macs are coming in gradually—and perhaps currently your Mac management is done is some sort of informal, manual way—at some point there will be a critical mass where you have to decide what to do.

Which choice?

Obviously if you want the most control you can get, there are a range of full-featured management tools. Or if you just want to abstract the corporate environment, there are all forms the desktop virtualization that we’ve been working with for years

But of course the option that I want to go a bit deeper into today is MDM—similar to the conversation about MDM and Windows 10 that’s been going on this summer.

The main question is: Does MDM do enough of what we want it to do? There are two points of view here. If you’re going from unmanaged Macs to managing them with MDM, at least you’re getting more control than before. (This is quite a bit different from using MDM for Windows 10, where presumably you’re going from full management to a less-powerful form of management.) MDM also makes sense if you consider your EMM platform to be responsible for all your non-Windows devices.

On the other hand, MDM just might not be enough. Even though OS X is evolving to have some of the characteristics of mobile devices (app store apps, configuration profiles, etc.), we’re still talking about a desktop OS. There are many things you just won’t be able to do, like deal with non-App Store apps. (Some EMM vendors support both Mac MDM APIs and traditional management, though.)

You can also consider the Workspot approach—putting corporate resources in a container app, and securing and managing it independently of the OS. (This is what Moka5 Project Skynet did, too.)

So what do you think? Are any of these current trends causing you to re-think you Mac strategy? And if so, what are you thinking about doing?

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.


There are three distinct use cases, when it would make sense to get one of the three solutions: VDI, EMM for Mac, or Workspot.

If the end user needs a Windows desktop, get them VDI.

If IT owns the device, use EMM for Mac (JAMF).

If the end user needs access to apps and data, give them Workspot.

BTW, I think this applies to all end points. What if the user has a PC, and Android phone and an iPad. You could ask the same question, and I think the answer is the same. It depends on the use case.