Jamf After Dark

One K12 school was blocking roughly 1,000 phishing attacks per day, and had no idea it was happening. EDU Buying season is here, and security, classroom tools, parent controls, and teacher adoption all need answers before a single device gets ordered.

Mat Pullen, Jamf's Product Marketing Director for Education and a former classroom teacher, joins hosts Kat Garbis and Josh Thornton for a frank conversation about what K12 schools are dealing with in 2026.
Subscribe for more Edtech content from Jamf:

*CHAPTERS:*
1:51 Meet Mat Pullen: Product Marketing Director for Education at Jamf
2:51 Jamf Nation Live EDU: What Schools Are Actually Asking About
4:22 Top K12 Challenges in 2026: Budget, Security and Screen Time
6:57 Why Schools Are Easy Targets for Cyber Attacks
8:10 Student Privacy vs. Surveillance: How Jamf Balances Both
10:03 Jamf Parent: Giving Families Control of School Devices at Home
12:42 Technology in the Classroom Is an Education Problem, Not an IT Problem
14:58 MacBook Neo for K12: What It Changes for Schools on a Budget
20:05 Jamf Safe Internet: Content Filtering and Network Threat Prevention
22:12 Limited Privacy and Time-Based Policies: New Features Explained
25:58 Jamf for K12: One Solution for IT, Security, Teachers and Parents
29:05 Jamf Teacher in Action
31:46 K12 Buying Season 2026: How to Think Beyond the Device
37:23 Here's What Most Schools Are Missing

Mobile device security is the biggest blind spot in most organizations, and most IT teams have no way to investigate when something goes wrong.
Chris Deane, Senior Sales Engineer for Jamf Security Products, and Harry Jenkins, Senior Sales Manager for Jamf Mobile Forensics, sit down with hosts Kat Garbis and Josh Thornton to talk through what actually happens when a mobile device gets attacked.
They cover the full picture: why MDM alone isn't security, how mobile threat defense stops most attacks but not all, and where Jamf Mobile Forensics comes in for the ones that slip through. Plus a deep dive into spyware — Pegasus (NSO Group), Predator (Intellexa), zero-click attacks, why journalists are targeted just as often as executives, and how Jamf Threat Labs builds detection rules for threats that have never been seen before.
CHAPTERS:
0:00 Mobile devices are the #1 security blind spot
1:50 Meet the guests: Chris Deane and Harry Jenkins, Jamf Security
2:56 What makes Mobile Security different from endpoint security?
5:08 MDM, Mobile Threat Defense, and Mobile Forensics: the three layers explained
7:18 Why Only 15% of mobile devices are properly secured
9:49 Personal vs. Work: why the blurred lines make mobile security hard to enforce
15:36 Incident Response: what happens when an employee says their phone was attacked?
17:43 What Mobile Forensics actually means, and what Jamf is not looking at
19:57 iOS vs. Android CVEs: 90-120 Apple patches vs. 600-900 Android in 12 Months
22:43 Spyware: What Predator and Pegasus actually do to your mobile device
25:37 Targeted malvertising and the shift from One-Click to Zero-Click Attacks
29:07 Who gets targeted: executives, journalists, and travelers in High-Risk countries
33:20 How Jamf Threat Labs detects unknown threats using behavioral analysis
36:43 AI Analysis in Jamf Mobile Forensics: deeper insights without Forensic skills

Subscribe for Apple device management and security insights

#MobileSecurity #Spyware #EndpointSecurity #mobileforensics #cybersecurity #Jamf

Okta's Dan Hefley (https://www.linkedin.com/in/dan-hefley), Senior Product
Manager for Device Access, explains how Platform SSO brings enterprise identity
to the Mac. From day-zero Setup Assistant enrollment in macOS 26 to device
bound SSO using secure enclave keys, Dan covers what IT teams need to know
about deploying Platform SSO with Okta and Jamf.
Dan shares his perspective as a former MDM admin turned identity product
manager, discusses how device bound SSO prevents session hijacking with
hardware-backed keys, and explains why the Shared Signals Framework between
Okta and Jamf creates layered security. Hosts Josh Thornton and Kat Garbis
explore what this means for organizations managing Apple fleets.
1:44 Meet Dan Hefley - Senior Product Manager at Okta
5:00 What Is Okta? Vendor-Neutral Identity Provider Overview
6:23 Why Identity and Device Security Go Hand in Hand
7:21 What Is Platform SSO? Native macOS Framework Defined
8:07 Evolution from Jamf Connect Basic to Platform SSO
9:15 Why Platform SSO Was
9:47 Platform SSO in Setup Assistant
10:08 Day-Zero Enrollment Flow - ABM to Jamf to Okta MFA
11:43 Solving Enrollment Friction with Separated Device and User Registration
12:18 Password Syncing Benefits
16:40 How Device Bound SSO Prevents Session Hijacking
17:53 Identity Threat Protection and Continuous Authentication
18:06 Shared Signals Framework - Okta and Jamf Working Together 20:40 Okta FastPass and Passwordless Authentication on Mac
21:20 Device Bound SSO Completes the Day-Zero Story
22:30 Getting Started - Requirements and Deployment Considerations
26:26 Okta's Platform SSO Roadmap and Future Direction
27:43 Key Takeaway - Identity and Device Teams Belong in the Same Room
RESOURCES:
- Mac Admins Slack - Platform SSO Channel: https://macadmins.slack.com
- IAMSE Blog - Okta Integration Guides: https://iamse.blog
- Jamf Learning Hub: https://learn.jamf.com/
- Jamf and Okta integrations: https://www.jamf.com/integrations/okta/
Subscribe for Apple device management and security insights
WHO THIS IS FOR:
IT administrators and security teams managing Mac fleets in enterprise
environments. Relevant if you're evaluating Platform SSO with Okta, migrating
from Jamf Connect Basic, or planning identity integration for zero-touch Mac
deployment.
#Okta #Jamf #macossecurity #AppleSecurity #DeviceBoundSSO #macOS
#IdentityManagement #PlatformSSO #ZeroTouchDeployment #JamfAfterDark
#EnterpriseSecurity #MacAdmin #TrustedAccess #podcast

Educators: ever wonder why certain apps are on your classroom iPads? App Catalog shows you the why behind every app, plus how other teachers use them.
We also discuss Jamf's Matter Innovation Hubs - free community learning centers operated in collaboration with Jamf in the US and internationally. These hubs focus on technology-enhanced, student-centered learning and serve educators, students, and communities through hands-on programs and the Matter Career Readiness Institute.
GUEST:
Kelly Watkins Conrad - Senior Program Engineer, Jamf Community Education (manages devices across all Matter Hub locations globally, 14 years at Jamf)

CHAPTERS
2:00 Meet Kelly Watkins Conrad: Jamf Senior Program Engineer
3:20 What Are Matter Innovation Hubs?
5:45 Matter Hub Global Locations
9:24 The Problem - Teachers Can't Find Apps They Need
16:51 Main Benefit - See Why Apps Were Chosen
18:00 Sharing Teacher Use Cases Within Districts
21:25 2026 Expansion - Stay tuned!

#JamfSchool #AppCatalog #EdTech #matterngo

If you're clicking through Jamf Pro configs manually, you're about to learn why that's becoming a problem. Security teams are starting to ban console access. MSPs are wasting hours rebuilding the same configs for each client. And organizations scaling to hundreds of Macs are drowning in manual changes with zero audit trail.
Ryan Legg, Jamf's Solutions Engineer for Infrastructure as Code, breaks down how Terraform lets you manage your entire Jamf environment through code instead of clicking. Whether you're managing 50 Macs or 5,000, here's why this matters NOW.
CHAPTERS
4:45 What is Infrastructure as Code - Explained for Non-Coders
8:15 What is Terraform and Why It Exists
11:30 How Terraform Talks to the Jamf API (Without You Writing Scripts)
14:45 Jamf Terraform Provider - 2+ Years in Development
18:20 Version Control for Configs - Git, Testing, Rollback
21:40 Why This Matters - Audit Trails, No Manual Errors, Scalability
24:30 MSP Use Case - Deploy to Multiple Clients in Minutes
27:15 Enterprise Use Case - Manage Hundreds of Configs with Code
30:10 Small Team Use Case - Document Everything as You Build
34:00 Why Every Admin Should Learn This NOW - The Future is Code
37:13 Getting Started - Resources and Documentation
39:09 Wrap-Up - Where to Get Help


What You Learn:
4:45 "Treating your Jamf config like a software project" - what that actually means
18:20 Multiple admins can submit changes through pull requests - no more stepping on each other
24:30 MSPs: Stop rebuilding configs manually - use one Terraform module across all clients
30:10 - Small teams: Codify early so the next person doesn't start from zero
34:00 - "Organizations are requiring admins OUT of consoles" - security trend you need to know
 
RESOURCES:
Jamf Concepts (Start Here): https://concepts.jamf.com
Trusted by Jamf (Tutorials): https://trusted.jamf.com 
Jamf Developer Portal: https://developer.jamf.com
MacAdmins Slack: https://macadmins.org
 
WHO NEEDS TO WATCH:
Mac Admins who manually configure Jamf Pro (you're wasting time)
MSPs managing multiple Jamf instances (you're rebuilding the same thing repeatedly)
IT teams scaling past 500+ devices (manual configs won't scale)
 
Jamf After Dark: A podcast about managing Apple devices, hosted by Kat Garbis and Josh Thornton.
Guest: Ryan Legg, Solutions Engineer III at Jamf
#JamfAfterDark #Terraform #JamfPro