Defining Security Policy

Defining a security policy for your organization is a foundational configuration step to deploy Trusted Access.

A security policy defines the types of threats your organization considers risky, and defines a risk level for each.

Jamf Protect for Mobile Devices

To configure Jamf Protect for Mobile Devices, you use RADAR's Security Policy Configuration to enable or disable categories of threats, and further define the risk-level (None/Low/Med/High) that a given threat within each category represents.

As threats within these categories are detected, the risk for the devices upon which the threats were detected are updated auomatically.

These device risk levels directly drive network risk-based access policies, which determine the apps and data a given device is permitted to access with a given risk level.

When Jamf Pro is integrated with the Jamf Security Cloud, each device's risk score (Secure/Low/Medium/High) is sent to Jamf Pro in the form of an extension attribute, enabling automatic MDM-level threat response via dynamic smart group assignment logic.

macOS Security Portal

In the macOS Security Portal, you can monitor Insights that are able to reveal your endpoints compliance baselines. Any devices that are out of compliance can be corrected by using appropraite Jamf Pro configuration profiles.

Analytics are used to monitor for specific behavior on macOS endpoints that may indicate the presence of malware or an active attack. There are numerous built-in analytics and you can define your own custom analytics as well. Based upon your organization's security sensitivity, you'll want to tune all or select analytic's severity setting to help drive the appropraite threat response if the analytic is triggered.