Jamf extra – around the table with the experts
Jamf is an organization that helps Apple fans get the most out of their devices and the whole Apple architecture. At the Jamf Nation User Conference (September 27th-29th) this year, it revealed a lot about where Apple – in concert with other leading technology and solution companies – is heading in the next year, including secure equipment straight out of the box, shared-use single work-recreation devices, and the death of the traditional plastic identity card to get into physical spaces.
But after the Conference was over, there was a get-together – a virtual round table – where some of the burning technological questions of the day were addressed.
Around the table were:
- Dean Hager, CEO, Jamf
- Parisa Tabriz, VP of Engineering, Google Chrome
- David Brown, VP of EC2, Amazon
- Brandon Arcement, SwiftConnect
- Todd McKinnon, Okta, and
- Bjorn Lidefelt, CEO HID
A great, secure experience?
Parisa, how do collaborations help to create security, while still delivering a great experience? How do you take advantage of native experience, feel, the web platform, etc.
We think really deeply about how we can continue to do that. When I started at Google, I had a native calendar app that crashed a lot of the time, and collaboration was version 12, version 13. In two decades, that’s shifted to a system of real-time collaboration. If security has rough edges, humans will work around it. In our conference keynote, you saw how seamless the onboarding process can be, with cloud-based Chrome for Enterprise. We work really closely with the Google Cloud security team. It has zero-trust protection, which is a really good first step, and we’re bringing it to IoS devices too. The key will be how we make sure the browser is secure by default.
Todd, our online identity is becoming as important as our real-world name. In the world of security, we don’t like to enter our authentication a hundred times a day. What are you doing to make sure that our online identity is able to be the key to everything we need to do – but also secure?
We’re helping people and companies manage the disparate parts of online identity. The important part of that is making it super easy. The downside of that is… that it’s actually really hard. When the technologies were evolving, no-one was thinking about how to pull things all together around identity. This is a complex world, and our whole thing is that we want to integrate everything together. We’ve toggled between super-hard to lock down and super-permissive, because things weren’t integrated. We want to take away the complexity and say to businesses “This is how you balance the important things for your business.”
The move to digital badges
Bjorn, can you talk about the movement towards using digital staff badges and also what you see happening in a hybrid environment in terms of getting into physical buildings?
The way we’re working is changing, and I think it will continue to change. It’s just the beginning of an evolution of how we work – the market and the customers have changed. What’s really changing here is how the consumer chooses to work.
The best way to describe the partnership is giving the consumer the choice. It’s no longer about just keeping the bad people out, it’s about letting the good people in, letting them do what they need, when they need, and how they need. As a partner, we need to provide the choice in a trusted, convenient way.
We can now deliver the flexibility we always had with cards, but in this new digital environment.
Yeah. We get asked at Jamf, since we have people going into the office less frequently, why are we changing to non-physical badges? And the point is that after the pandemic and the widespread shift to remote and hybrid working, people have lost the automatic muscle memory of reaching for their physical badge before they leave the house. But because the phone is so ubiquitous, because it does so much of what we do on a daily basis, no-one leaves the house without their phone. People would rather look for their phone and be late than leave the house without it, because it’s so completely a part of everyday life. So moving to digital badges in an Apple wallet on the phone makes sense. As you say, it’s not just about stopping the bad people, it’s about empowering the good people – the people who should have access to places – to have less trouble getting into them.
AWS’s five tech predictions for 2022
Exactly. And while I’m very excited about what we’re announcing here today, I’m even more excited about what we can do in the future. This is the starting point for a new way of doing things.
And that’s why we went with HID when it came to commercialize the idea of these badges – the focus not only on how we solve the problems of getting this technological shift delivered today, but how we can evolve the whole process going forward.
Replacing muscle memory
BA: I think that’s important. SwiftConnect was founded on the principle of connecting the right person with the right environment at the right time. Pre-pandemic, there was habit. People made the same journeys every day, and as you say, there was a muscle memory to that, which included grabbing their physical badges. Now there’s more fluidity – you book a desk on a day, so the previous paradigm is untenable. What we do to address that is use APIs to authenticate identity. Previously, the card handout was a one-time, in-person experience. So we’re working with Apple and HID to translate that to a mobile device, with propagated programming to each device.
A lot of physical security technology gets stale really fast. Now we can get rapid organizational approval without the need for broad organizational consensus, to give people the choice – physical card or remote credential – and build back as needed.
Meanwhile at Amazon, we had the question of how we bring Apple Mac to the Cloud? If we’re going to do this, it has to be the Apple experience with the best of AWS. We launched in 2020, and took Mac Minis, and our nitro system – all the offloading systems we use – and every single port on that Mac Mini is filled. The only thing we couldn’t automate was pushing the power button. So, believe it or not, we built a solenoid that did that for us, and now we offer the Apple Mini on AWS. We’ve been able to unlock efficiencies because people can access a Mac any time they need one.
The customers started to say “How do we manage this environment? Can we use Jamf?” What could we do? Was there a way we could do that? And we announced in a press release yesterday that yes, now we can. It’s all about answering the demands of customers through productive partnerships.
The immediate future
Parisa, David, Todd – what do you see happening out there right now, and in the next year?
Making a great Chrome on IoS is a huge area of investment – people that love Apple want a great product. We’re taking advantage of new hardware capabilities, and we call it IOS Citizenship. We’re looking at how people can build better apps on Chrome. How do we make more work software work really well on the web? We work with Google identity but also with Okta – how do we work well with third-party developers? That’ll be a thing to focus on in the short-term future.
No-one cares about a PC as such, they care about what you can do with it. Ten years ago, all the apps were on the PC. Now they’re on the web. What IT teams care about is experience, simplicity, security, etc. At Okta, we have to use a Mac now, it’s the machine that gives us what we need, it’s what lets us do what we need to do. So improving the experience, the simplicity and the security for people and teams is where we’re heading.
David, what’s the perspective on the EC2 Apple environment? How did it meet what you expected to happen?
We always have some idea what to expect, but it exceeded our expectations. With Macs being available on EC2, we can ask questions about ultimate customer experience at scale. The level of efficiency we were able to bring by making them available on the cloud was really surprising.
The next generation
Here’s a question for you all. What will the next generation expect that we don’t yet consistently see delivered?
The experience we have right now when it’s hard to talk at the same time? That’ll l be child’s play. Better audio, better immersion, better back and forth – it’ll be a breeze.
I want to be a hologram!
Brandon and Bjorn – I want physical badges ultimately to disappear. But what sort of effort is necessary for organizations to do this. When will it be “normal”?
The “skip the line” experience
It took generations for card to reader security to become the norm. I think it’ll take generations to do the same with e-badges too.
I think often we’re disappointed in the time it takes. But I think there are big changes that speed it up, like the hybrid work model, and now Apple joining the space. The value it creates is what will push this through – the “skip the line” experience of being able to have technology talking to technology.
The “skip the line” experience that is yet still secure is what we’re all aiming to create, I think.
The future looks smooth, interconnected, and able to deliver the device-to-infrastructure “skip the line” experience when it comes to spatial access – according to the heavyweights at the Jamf Nation User Conference, 2022.
22 March 2023
22 March 2023
22 March 2023