This article is more than 1 year old

Apple update approach 'not realistic' in enterprise, but login 'shim' gets thumbsup

JumpCloud SME report also finds remote workers getting better at following best security practices

Not many people are talking about Apple's recent WWDC from an enterprise standpoint. But identity and machine management tool maker JumpCloud says a "shim" to connect "the login to the device through to the Safari browser" is a notable development.

JumpCloud provides identity services, which is why chief strategy officer Greg Keller zeroed in on the feature, which his company details further in its latest IT trends report.

The result, said Keller, was "an even more powerful login experience into these devices."

Despite the new feature (which JumpCloud said had been flagged up in previous iterations of WWDC, showing a level of openness perhaps rarely associated with the usually secretive Cupertino company) "we were anticipating some new deeper API hooks that didn't materialize" and a "broadening of Apple Business Manager."

For enterprise users seeking to manage fleets, those hooks are important. Although tooling in the Windows world might struggle with zero-touch deployments, doing the same with Apple hardware presents less of a challenge.

Maintaining the machines, however, is a different story. Apple's approach is to ask the user to confirm their identity before anything can be done to a system.

"In situations like that, this is where Apple demonstrates they don't have a deep appreciation of the enterprise," said Keller. It's OK for consumers, but not realistic in the enterprise, he said. "Windows," he added, "is infinitely better in the that regard … it's 35+ years of Microsoft understanding how IT teams work in the enterprise."

Greg Keller

Greg Keller Pic: JumpCloud

To be fair to Apple, the Bootstrap Token functionality would be a possible approach, but it could hardly be desribed as an elegant solution.

Principal product manager for Apple at JumpCloud, Tom Bridge, noted that "The Bootstrap Token ... only has utility when it comes to the forcible install of updates, not in user-lead experiences.

"Apple's experience for forcible install," he continued, "leaves a lot to be desired from a user experience perspective, as there's little to no warning, and no way to cancel, and frequently no way to save your work before your apps are force quit, your login session is terminated, and your data can be lost.

"It's painful, and could have resume-generating consequences for your IT practitioner if this happens to the C-Suite users without a whole lot of hand-holding."


"We want to do this only [as] a LAST resort, and we'll support this in the coming months, not just for forcible updates, but also for major version updates of macOS."

The Register spoke Bridge earlier this year about the challenges of patch management and, it appears, the product has struck a chord with customers who, according to Keller, "just hit the proverbial Buy Now button."

Later this year browser and third party update management is due to be added to the suite.

Nearly 4 in 10 IT managers made users responsible for clicking 'update' on patches

Looking at JumpCloud's Q2 2022 SME IT trends report, security remains a focus, with 59.4 percent of the more than 1,000 IT decision-makers that responded describing it as their "biggest concern," followed by device management at 48.1 percent.

Considering Keller's comments above, 39.4 percent made users responsible for patch management (or at least clicking the update button when prompted,) which suits the Apple view of the world.

The vast majority of administrators also reckoned that remote workers were better at following best security practices now than they were at the same time last year.

A majority (62.6 percent) also regarded passwordless authentication as priority (although just over half felt it was still more an industry buzzword.)

As well as metrics showing remote and hybrid working starting to drop a little in favor of full time office work (47.1 percent are back in the office full time compared to 40.1 percent a year ago) the report also showed up some intriguing geographical differences. 15.2 percent of UK admins disagreed that they were happier in their job versus 9.7 percent of US counterparts. And more UK administrators had suffered budget decreases.

Both UK and US IT decision-makers... 'tend to overwork'

Keller noted that both UK and US IT decision-makers were similar: "we tend to overwork, believe it or not," he said before wondering if the more reserved psyches of UK workers might be resulting in a "Don't bother me, I'm in the hurt box" mentality and the resulting differences in overall happiness.

A tricky one, and the impact of the last few years on IT teams will continue to reverberate for several years to come.

As JumpCloud looks to expand beyond keeping an eye on identity and patch management, the survey also threw up the phrase "tool sprawl" and noted that 38.2 percent of teams use three or more tools to manage the employee lifecycle. It said 43.7 percent of employees need six or more accounts just to get their jobs done.

And as for hardware? Device diversification appears to be on the increase. While over 40 percent of respondents expected their Windows device count to increase, just over 30 percent reckoned macOS devices would also be on the rise.

Windows devices also accounted for a higher proportion of breakdowns (at 68.1 percent compared to 58.2 percent) while macOS fell from 24.6 to 20.2 percent. ®

More about


Send us news

Other stories you might like