Introducing Mac Cloud Service

Today, we are excited to launch Industry’s First Unified Identity Solution for Security and Management of Mac Users and their Mobile Devices. [1] [2]

In addition to our on-premise Mac Centrify Direct Control offering, it is now possible to enroll Mac’s to Centrify Cloud Service, and control them from anywhere.

Why Mac Cloud Service?

Mac Cloud solves new problems that arise from today’s Mac workforce users, who are now more mobile than ever: employees with personal home machines, employees who BYOM (Bring Your Own Mac), and road warriors who rarely login to the corporate environment.  All of them need a measure of integration with the corporate office.

For example, one major problem with roving corporate user populations is, “what happens if Jennifer, the star Sales Engineer, who just downloaded the Super Confidential Firmware, suddenly realizes that her Mac is missing, either by theft or misplacement?”

YIKES!, what if that firmware fell into the wrong hands?  Imagine the fear going through Jennifer’s head when she has to tell the boss that she, not only needs a new Mac, but also a Mac, with the company’s trade secrets, is floating around out there, essentially unprotected.  With Centrify Cloud Service, locking or wiping the Mac is an Active Directory command away.  Her Mac can be locked or be wiped, as soon as it connects to the Internet, even if it is outside of corporate network.  Peace of mind returns to Jennifer at once, knowing her data are protected by Centrify’s Mac Cloud Service.

Centrify for Mac also can enforce FileVault2 full-disk encryption on Mac’s.  This further strengthens protection of Jennifer’s data.

Centrify Cloud Service provides a unified platform to manage various types of mobile devices – These include Mac, iPhone, iPad, and Android devices.

Great!  How Can I Use It?

Let’s walk through how you can take advantage of this service.

1. Install and set up Proxy Server

The Proxy is a server that runs on Windows, and is a bridge between Active Directory Domain Controller and Centrify Cloud.  This also adds Group Policy integration and Active Directory Users and Computers add-ins.

IT Administrator can install Proxy with familiar Windows installer UI.



2. Register Proxy to Centrify Cloud

Administrator registers the installed Proxy against Centrify Cloud with familiar Windows UI.  This allows the communication to happen between your corporate LAN and Centrify Cloud.



3. Create and upload APNS certificate

Centrify Cloud uses Apple Push Notification Service to communicate with Mac’s and iOS devices.

Administrator creates APNS certificate and uploads it to Centrify Cloud Manager.  This browser based UI shows the steps for Administrator.



4. Join Mac via User Portal

Users can now enroll their Mac’s and other mobile devices to Centrify Cloud.

User can go to User Portal, select MyDevices, click on AddDevices, select device type (e.g. Mac OS X) and click on Enroll.

Alternatively, user can go to enrollment page, e.g., directly.


As a result of enrollment, Mobile Device Management (MDM) profile is installed on the Mac.


5. Wipe and Lock

Now, let’s go back to the example with Jennifer above.  Once she loses her Mac, an IT administrator will login to Cloud Manager, and send a wipe/lock command to Jennifer’s Mac, which will render her machine useless to anyone who may be interested in that new Secret Firmware.



Alternatively, Jennifer can log in to User Portal and lock or wipe the Mac herself.

6. Install Profile

In addition to Lock and Wipe, Mac Cloud offers many other settings that corporate users will certainly appreciate.  Settings such as, Restrictions, WiFi and VPN to name a few.

Administrator can use familiar Group Policy Console to configure the settings.  This displays VPN example. .


Mac’s System Preferences UI shows installed VPN profile.


We are very excited here at Centrify with this newest Cloud based offering.  It offers some very powerful features, not currently available to many corporate users who are remote, or roaming.  It adds a level of safety not present on many of today’s mobile devices.