How IT admins are preparing Macs for hybrid work

Emily Brown

Mar 16, 2022

9 min read

According to a survey by Harvard Business School Online, 81 percent of working professionals would prefer not to go back to the office at all or have a hybrid work schedule going forward. It is quite an unsurprising result as employees like the flexibility and perks of hybrid work. However, hybrid work comes with its own set of challenges. Hybrid work also includes a hybrid array of devices – be it Windows desktops or Mac machines. IT admins are navigating an entirely new set of challenges while adopting Windows and Macs for hybrid work.

As Apu Pavithran, the Founder and CEO at Hexnode says,

The hybrid work culture — in which we work from home some days and go into the office other days — faces a double challenge, as there’s the need to establish a flawless cybersecurity infrastructure in the office and at home.

Navigating the New Normal

Even if we call it “The New Normal”, it is not so new anymore. The pandemic started in 2019 and since then we have witnessed the rapid growth of the digital world. Major companies like Google and Apple are adopting the hybrid work model to adapt to the changing times. Even start-ups and SMBs are choosing hybrid work instead of in-person offices.

The burden of managing the remote and non-remote workers alike fell on the IT departments of every company. They had to figure out a way to keep the endpoints secure and employees productive. To a large extent, they did a great job which made it possible for companies to consider hybrid work as a permanent option rather than a temporary measure.

How Hexnode MDM can help your enterprise with remote work

Why is hybrid work working?

Companies are benefitting visibly with a hybrid work strategy and here’s how:

  • Higher flexibility for working from anywhere.
  • Option to draw talent from a larger pool regardless of geographic boundaries.
  • Continued operations without being affected by Covid-related or other shutdowns.
  • Enables more diversity in the workforce.
  • Increases productivity as employee satisfaction is higher.
  • Improved corporate culture.

Staying on top of the challenges

Of course, it is not all rainbows and butterflies with hybrid work. There are definite challenges that arise with each model of work and hybrid work is no exception. Since discussing all the possible challenges and solutions could take a while, we will focus on solving the issues faced by Mac admins while adopting Macs for hybrid work.

The rise of Macs in the enterprise

A beginner’s guide to Mac management

There are multiple factors that led to the increased use of Macs in the business world. Apple has introduced many enterprise-friendly features over the past decade, which certainly helped in cementing Macs as a viable option.

  1. Lesser TCO in the longer run: The Total Cost of Ownership (TCO) is lesser for Macs, according to this Forrester report. Organizations that use Macs can save around $800 over the course of three years as compared to a PC.
  2. According to the same report, organizations that used Macs improved their employee retention rate by 20 percent. The productivity also rose by 5 percent.
  3. Employees prefer using Macs over PCs. Mac users are 17 percent less likely to leave the company.
  4. Macs are perceived to be more secure than PCs.

1. The need for a centralized management

Hybrid or remote work means that all the endpoints are never going to be gathered in one place. A centralized management system would help the Mac admins to manage and secure all devices. Unified Endpoint Management (UEM) solutions like Hexnode are an optimal option. One added advantage of UEMs is their ability to manage multiple device platforms from a single console. Even if you have devices other than Macs in your organization, you can manage them remotely as long as you have a suitable UEM account.

2. Deploying devices and out-of-the-box enrollment

In hybrid or remote work, deploying and enrolling the Mac devices is a major challenge that the IT admins have to overcome. With a UEM like Hexnode, you can deploy your Apple devices without ever touching them. Here are a few tips for the IT managers who are deploying devices for remote/hybrid work:

  • Integrate your Apple Business/School Manager account with your UEM solution. It would help you not only to enroll the devices but also for deploying content and easier supervision.
  • Use Automated Device Enrollment for corporate-owned devices. This helps you to enroll the Macs in the UEM remotely. As soon as the user turns on the Mac for the first time, the device will get enrolled in the UEM.
  • Make use of your UEM solution to check up on the enrollment status of the Mac endpoints. In Hexnode UEM, admins can see the status on the page where all the devices are listed. They can also see further details on each enrolled endpoint on the individual device pages.
Featured Resource

A complete guide to Mac device management

Organizations can use UEMs to configure and manage endpoints while increasing staff productivity. Learn how to leverage Hexnode's Mac management features to make the most out of your Mac endpoints.

Download whitepaper

3. A solid security strategy

Whether the devices are remote or not, IT admins have the responsibility of securing them against outsider and insider threats. That’s where proper security strategies come to play. We have listed a few security features that Hexnode Mac admins have found to be most useful:

FileVault encryption

FileVault is the full-disk encryption program for Mac devices from Apple. On encrypting the Macs, the device data becomes inaccessible to anyone who doesn’t have the password or the recovery key. All new files are automatically encrypted on a FileVault-enabled Mac.

You can enforce FileVault encryption and configure the settings remotely using your Hexnode portal. Prevent the users from disabling FileVault as an added measure.

Firewall settings

Firewall protects the Mac devices by forming a barrier between external and internal connections. Hexnode lets you configure the Firewall settings remotely from its console. You can enable Firewall remotely, block all incoming connections or block the incoming connections to specific apps.

Strong password policies

Passwords are the first layer of security between a possible attacker and the device. Encourage your employees to configure strong passwords for their Mac devices. When encouragement isn’t enough (more often than not it isn’t), configure a strong password policy and enforce it with your UEM solution. For instance, Hexnode UEM lets you configure conditions like the minimum number of complex characters, maximum passcode age, passcode history, the grace period for device lock, and more.

App blacklisting/whitelisting

Apps are one of the hackers’/attackers’ favorite target windows. Allow or deny access to apps or app groups using Hexnode’s app whitelisting/blacklisting feature.

Web content filtering

This feature is similar to app blacklisting/whitelisting. Instead of apps, here you can allow or deny access to certain websites. Websites are yet another popular option amongst attackers since it is pretty easy to redirect users to harmful websites with a single click. Blocking such potentially harmful websites is a very solid move from a security standpoint.

OS updates

You may wonder, why are OS updates a part of security features? OS updates often bring with them security fixes and updates. However, sometimes you may prefer to wait before deploying the updates. Hexnode admins can schedule the OS updates for the Mac devices enrolled using Automated Device Enrollment.

Media management

Hexnode UEM enables you to ensure data security in your Mac devices with its media management feature. You can manage external media, internal media, disk images and optical media on the enrolled Macs. You can also configure advanced settings to allow or deny media use or if only authenticated users can use the media. This helps you prevent unauthorized usage of the data and keep it secure.

4. Managing the Mac apps

App management is another hurdle that a Mac admin has to cross in remote and hybrid work. Macs for hybrid work are dependent on more apps for smooth functioning. For example, you may need to install communication software like Zoom for video conferencing or Hexnode Assist app for remotely viewing the Mac device’s screen. Hexnode admins can install/uninstall apps using a simple policy. You can also use your Apple Business/School Manager account to deploy the apps in bulk.

Role of UEM in software distribution and upgrading

5. Finding ways to troubleshoot remotely

When the endpoints are remote, troubleshooting the issues is another major hassle. Hexnode’s Remote View feature is a good way to see what’s happening on the device-end in real-time. You can also look through the device and user reports to see everything at a glance. If you feel like something is wrong (for example, the device shows up in unexpected locations), you can remotely lock the device. If the device is lost or stolen, you may even remotely wipe the Mac.

How to view your Mac screen remotely for real-time troubleshooting

Key takeaways

Hybrid work solved a lot of issues that arose with the pandemic, but it also came with its own set of challenges. Mac or even IT admins, in general, would always have new challenges to overcome and hybrid work is just the latest of them. Staying ahead of these challenges is not an easy task but it is definitely doable. Choosing the right UEM solution with good support can certainly come in handy most of the time. As a hybrid company ourselves, Hexnode has dedicated itself to continually evolving to the changing needs of the changing times.

Emily Brown

Reading is therapy and writing is healing...sincerely, a cool nerd.

Share your thoughts