The Iru Blog

Iru Team

•

4 min read

Why IT Should Be Transparent with Users

Let’s be honest: Sometimes there’s a trust gap between IT and end-users. Admins may promulgate a policy without explaining the “why” behind it. Users may then try to circumvent or disregard that policy. And back and forth it goes, making life harder for both sides. Transparency in IT—telling users what you’re doing and why—is one way to bridge that gap. But how much should you, as an admin, tell your users about how you’re managing their devices? What’s the best way to communicate that to them?

Thought Leadership December 22, 2021

Iru Team

•

7 min read

Lessons from 1,000 Migrations: How to Switch Device-Management Solutions

If you manage Apple devices, sooner or later you’ll consider the question: Should we switch from our current device-management solution to another? That question immediately leads to a host of others, and pretty soon the whole idea of migrating may begin to seem overwhelming. But it doesn’t have to be. With the right preparation and planning, switching from one device management solution to another is eminently doable, with big payoffs in efficiency and new capabilities at the end.

Educational December 3, 2021

Iru Team

•

4 min read

Single Sign-on with SAML: How and Why to Set It Up

Weak and forgotten passwords have always been a sore spot for IT. Single sign-on (SSO) with SAML can ease that pain, by simplifying the login experience and enforcing secure authentication. In this article, we’ll provide an overview of how SSO and the SAML framework work together to keep users and administrators secure.

Educational November 19, 2021

Iru Team

•

2 min read

Apple and the Hybrid Workplace: A Perfect Fit

By now, you’ve no doubt heard a lot about the “hybrid workplace”: After a year-plus when many employees worked entirely at home, many are now filtering back to the office. In some cases, “hybrid” means a given worker spends some days working remotely, others in the office. In other cases, it means that some workers are 100 percent remote, and others are in the office all the time. Regardless of the mix, this new hybrid workforce has serious ramifications for the IT admins who have to make sure everyone stays productive and secure wherever they are. To get some insight into what this brave new workplace will mean to IT departments, Kandji commissioned a survey. Conducted by Dimensional Research, it asked more than 300 IT stakeholders around the world: Is the hybrid workplace temporary or here to stay? What kinds of devices are best for hybrid workers? Do Apple devices in particular offer any advantages or disadvantages when it comes to hybrid work? Here's what they told us.

Educational October 7, 2021

Iru Team

•

4 min read

Moving from Windows IT to Mac: What You Need to Know

According to one recent estimate, nearly a quarter of the computers now used in U.S. enterprises (with more than 1,000 employees) are made by Apple. While that’s great news for those employees (who, when given the choice, tend to choose Mac), it could be a concern for IT admins who have previously worked exclusively with Windows PCs. If you’re one of those admins and are being asked to manage Apple devices for the first time, we’re here to tell you: Don’t fret. If you’ve dealt with Windows you can figure out Mac. Here are four essential ideas to get you started. You Don’t Need to Bind Users Come First It Matters Where You Buy Join the Community

Educational June 4, 2021

Iru Team

•

3 min read

How Mac Admins Make Zero-Touch Deployments Work

The ideal: You have a new Mac, iPhone, or iPad shipped directly to a new employee and, when that employee starts it up for the first time, the device is automatically enrolled in your MDM solution, with all the apps and settings you want in place—all without you ever touching the hardware itself. But a lot of things have to work right for zero-touch deployments to go as smoothly as you’d like. Among the variables: The vendor you’re buying the hardware from; Apple’s enterprise services (in the form of Automated Device Enrollment via Apple Business Manager or Apple School Manager); your organization’s IT infrastructure; and users themselves. A problem with any one of those links in the chain can make zero-touch harder than it should be. That’s why we recently asked IT administrators on LinkedIn about their experiences with zero-touch. They had some advice for those who are following in their footsteps. Here’s what they told us.

Thought Leadership May 6, 2021

Iru Team

•

7 min read

The Case for MDM: Improve Security, Save Money

In the modern workplace, mobile device management (MDM) is essential. When it comes to configuring devices, deploying apps, and complying with security requirements, MDM solutions can help you do it all quickly, flexibly, and cost-effectively. But despite all those advantages, the value of MDM can sometimes be a hard thing for an organization's decision-makers to appreciate. They may not know what MDM is or how it can make an IT team more efficient and freed up for more important strategic work. In this guide, we’ll spell out what we consider to be the most compelling reasons for adopting MDM. We’ll focus primarily on MDM solutions that can help you manage Mac computers and iPhone/iPad devices, because that’s the business we know best. The essentials of the case we'd make: What is MDM? Why do you need MDM? Improving security Saving time Increasing agility Saving money

Thought Leadership March 25, 2021

Iru Team

•

4 min read

Mac Admins Share Best Practices for Managing Users

At Kandji, we get a lot of questions about best practices in mobile device management. We decided to get answers to those questions from the best source: The IT admins who manage Apple devices day in and day out. One thing those admins know is that the job isn’t just about keeping that hardware secure and up-to-date using MDM. It’s also about making sure that the people who use that hardware stay productive and happy. We recently asked some Apple IT folks for their tips on managing Mac computers, iPhone and iPad devices, and people. We’ve already posted some of their answers about migrating to macOS Big Sur, and we’ll be posting more of their advice about the technical side of the job. But we also wanted to share some of their insights into how they work with users. Here’s a quick overview of what they told us: Make device management easy on users Invest in training Be transparent Give users responsibility Think long-term

Educational March 11, 2021

Iru Team

•

10 min read

Guide for Apple IT: Content Caching in macOS Big Sur

Content caching is a powerful tool that speeds up software installation on Apple devices on a local network. At WWDC 2020, Apple announced a few exciting changes that will make content caching even more powerful on macOS Big Sur. In this guide, we’re going to do a deep dive into what content caching is, how it’s changing, and how you can accomplish simple and advanced configurations for it. Here’s a brief overview of what we’ll cover: What’s Content Caching? What’s Changing in Big Sur? How to Set Up Content Caching on Mac

Educational February 24, 2021

Iru Team

•

4 min read

Managed Apple IDs: How to Create with Azure AD

If your business is using Microsoft Azure Active Directory (Azure AD) as your identity provider, then you can use federated authentication to connect your Azure AD instance with Apple Business Manager to create a seamless login experience for your employees. In this post, we're going to discuss a related new feature that Apple announced, SCIM (System for Cross-domain Identity Management), which makes it easier to import users into Apple Business Manager. We'll also cover how SCIM differs from a different method called just-in-time (JIT).

Educational September 30, 2020

Iru Team

•

3 min read

Are Your Users Receiving Legacy System Extensions Alerts?

As of macOS Catalina 10.15.4, Apple has begun alerting users when their Mac detects a kernel extension (KEXT) is leveraging deprecated KPIs (Kernel Programming Interfaces). If you haven’t seen this alert yet, you can see what it looks like below, stating that the loaded KEXT will be “incompatible with a future version of macOS.”

Educational March 26, 2020

Iru Team

•

12 min read

Guide for Apple IT: Device Enrollment

For any business that runs on Apple, choosing the right device enrollment method is essential to speed up onboarding and provide the right balance between privacy (for corporate and personal data) and management capabilities. In this guide, we’re going to take a look at three device enrollment methods that Apple offers, breaking down their strengths, weaknesses, and ideal use cases. We’ll also discuss how they relate to important privacy and policy topics like user approved MDM (UAMDM) status, “Transparency, Consent, and Control” (TCC), device supervision, allowing kernel extensions, and BYOD (Bring Your Own Device). Here are the three enrollment methods that we’ll cover: User Enrollment Device Enrollment Automated Device Enrollment (formerly “DEP”)

Educational February 19, 2020