When using Apple Configurator, you can assign an existing supervision identity to be used with devices you place into supervision. To do so, first open Apple Configurator and click on Organizations.
From Organizations, click on the plus sign (“+”).
From the Create an Organization screen, click Next.
When prompted to provide information about your organization, provide the name, phone, email, and/or address of the organization.
If you are importing an identity, select “Choose an existing supervision identity” and click on Next.
When prompted, click Choose to select the identity to use (e.g. exported from another instance of Apple Configurator or from Profile Manager).
Click Choose when you’ve highlighted the appropriate certificate.
krypted August 23rd, 2016
Looks like Sal et al posted a suite of Automator Actions to link the Casper Suite to Apple Configurator at https://configautomation.com/jamf-actions.html. In my limited tests so far they work pretty darn well!
Some pretty cool things here, like having the JSS rename a mobile device when managed through Apple Configurator, having Apple Configurator instruct the JSS to remove a device from a group, clear passcodes, update inventory, and other common tasks involved in workflows when leveraging Apple Configurator for en masse device management. Good stuff!
krypted July 14th, 2016
The practical uses of Wearables and Home Automation never cease to amaze me. I recently added a Kinsa thermometer to my collection of useful toys. This little device uses the 1/8th inch jack like the original Jawbone did. It works like a regular thermometer, but displays temperature on an app that runs on the iPhone. It’s simple to setup and once setup, works the same as any other thermometer.
Due to the power of the Internets, you can then select symptoms and check for common ailments that match.
You can also look at your history, tracking the rise and fall of your temperature.
Overall, a cool little device and a cool little app.
krypted July 4th, 2016
There are two main garage door openers in the home automation space. The first is the Chamberlain MyQ and the second is the GoControl. The hardest part about setting up the MyQ was that I had to hit a funny orange button on my existing non-automated Chamberlain opener and then hit the button on the opener in my car to sync ’em up. It took about 10 tries, but eventually it worked.
Once configured, I didn’t love the loud noise the device made to open the garage door (guessing that because it’s compared with a strobe that this is a safety measure). Once the Chamberlain is configured, open the Wink app. Then tap Add A Product and then tap on Garage Doors.
At the Garage Doors screen, tap MyQ Garage Door.
At the Chamberlain Garage screen, tap on Next to verify that you want to add a MyQ to the Wink.
At the Get MyQ App screen, tap on I Have An Account (unless you don’t have an account yet, then tap on Get MyQ App and download the app, setup the garage door, and create an account).
At the Connect Account screen, tap on the Connect Now button.
At the MyQ overlay of the Link Account screen, enter your credentials and then tap on Authenticate.
Provided the authentication worked, tap on Done. Tap Name Garage Door and provide a name for the door (useful if you have two doors).
Next, use the Wink app to test the opener.
krypted July 3rd, 2016
Posted In: Home Automation
The increase in the use and complexity of technological assets in the healthcare sector has been on the rise in the recent past. Healthcare practitioners have moved from recording data manually to keeping Electronic Health Records. This eases the accessibility and the availability of data to the health practitioners. Further, electronically stored data makes it possible for patients to receive high quality and error-free care, improve decision making process because medical history is available and also makes it possible to provide safer and more reliable information for medication. Despite, the numerous advantages that the use of technology in healthcare has, there is also a threat of patients data leakage that lingers around. According to a research by Garrison and Posey (2012), medical identity theft has far more consequences in comparison to the typical identity theft. In average, every medical theft case can cost $20,000, and represents a substantial privacy violation. For this reason and more, it is important for healthcare institutions to protect patient data by securing technological assets within the institution. This article will explore the different methods used to secure the technological assets, with an emphasis on mobile devices.
The first method is limiting access to the electronic health records to only a few individuals. According to Gajanayake et al.(2014) suggests that there are different models of limiting access to the records. The first step is to ask for authentication, this will prompt them to verify their identity. This could be achieved by giving the authorized individuals unique passwords for identification and also by performing biometric scans of the individuals. This step will eliminate the possibility of unauthorized access to the technological access. The second step is to limit the type of information that one is supposed to access. This could be made possible using certain access models. Examples of models that have been proposed include Discretionary Access Control (DAC),Mandatory Access Control (MAC) and Role Based Access Control (RBAC). The DAC restricts access to certain commands such as’ write’, ‘read’ and ‘execute.MAC controls access by assigning information different levels of security levels. RBAC is based on the rights and permission that depend on the roles of an individual. These models normally apply to the security of electronic data. Other assets such as the hardware could be protected physically by limiting authorization to their storage rooms and also limit the location in which they are expected to be used at. Limiting access ensures that those that are not authorized to access the information are locked out of the database.Hence, this is an important strategy in protecting patients’ data.
The second method is through carrying out regular audits on the electronic system and the individuals handling the technological assets. Audit controls record and examine the activities that involve access and use of the patients’ data. This can be integrated into the Electronic Health Record (EHR) system or used to monitor the physical movements of the individuals that have access to the records. In addition, HIPAA requires that all health institutions that use the EHR system should run audit trails and have the necessary documentation of the same (Hoofman & Podgurski,2007). Some of the information collected during audits includes the listing of the content, duration and the user. This can be recorded in form of audit logs which makes it easy to identify any inconsistencies in the system (Dekker &Etalle ,2007). Further, monitoring of the area where the hardware have been placed for used should be done. This can achieve by use of recorded video, which monitors the activities of individuals who use the system. This can also be audited regularly and any inconsistencies noted (Ozair et al., 2005) Carrying out audits of the technology assets of the healthcare institution will help to monitor the daily use of the system which will enable the identification of any abnormal activities that may endanger patients’ data.
The third method is the setting up of policies and standards that safeguard the patients’ data. These policies may vary from one institution to another. For instance, the employees should be prohibited against sharing their passwords and ID and they should always log out their accounts after accessing the system. The authorized individuals would also be properly trained about these so that they are aware of their importance. In addition, these policies should be accompanied by consequences which will impact the users. This will ensure that they follow the policies to the letter. The set of policies and standards are to ensure uniformity in the protection of patients’ data (Ozair et al., 2005).
The fourth method that could be implemented to protect patients’ information is through the application of various security measures to the software and the hardware. The software can be protected through encryption of data, using firewalls and antivirus software’s to prevent hackers from accessing the data. Intrusion detection software can also be integrated into the system. These measures will protect the data from individuals who intend on hacking into the system online and accessing information for malicious purposes. The hardware could be protected by placing security guards at different stations where patients’ data is stored so that he ensures that no unauthorized person gets access to the area or no one tampers with the system or steals it. This step will ensure that the hardware is kept safe from intruders and people with malicious intent.
Protecting patient data starts with the software systems that house the data. The databases that warehouse patient data must be limited to only those who need access and access to each record must be logged and routinely audited at a minimum. Data should only reside where necessary. This means that data should not be stored on devices, at rest. For Apple devices, device management tools such as the Casper Suite from JAMF Software both help to keep end users from moving data out of the software that provides access patient data, and in the case of inadvertent leakage of data onto unprotected parts of devices, devices should be locked or wiped in case of the device falling outside the control of a care giver. Finally, the integrity of devices must be maintained, so jailbroken devices should not be used, and devices and software on devices should always be kept up-to-date, and strong security policies should be enforced, including automatic lock of unattended devices and strong password or pin code policies applied.
In summary, the protection of patients’ data in this technological era should be given a priority. In consideration of the frequency and losses that are experienced due to leakage or loss of private patients’ information, more should be invested in maintaining privacy and confidentiality of data. This can be achieved through controlling access to the electronic data and the gadgets that hold it, carrying out regular audits on the access of the system, creating policies and procedures that ensure that data is secures and finally through, putting in security measures that guard against loss and leakage of the information. All these measures will aid in alleviating the risk of patients’ data and maintaining their privacy and confidentiality which is the main agenda.
Dekker, M. A. C., & Etalle, S. (2007). Audit-based access control for electronic health records.Electronic Notes in Theoretical Computer Science,168, 221-236.
Hoffman, S., & Podgurski, A. (2007). Securing the HIPAA security rule. Journal of Internet Law, Spring, 06-26.
Garrison, C. P., & Guy Posey, O. (2012). MEDICAL IDENTITY THEFT: CONSEQUENCES, FREQUENCY, AND THE IMPLICATION OF ELECTRONIC HEALTH RECORDS AND DATA BREACHES. International Journal of Social Health Information Management, 5(11).
Gajanayake, R., Iannella, R., & Sahama, T. (2014). Privacy oriented access control for electronic health records. electronic Journal of Health Informatics, 8(2), 15.
Ozair, F. F., Jamshed, N., Sharma, A., & Aggarwal, P. (2015). Ethical issues in electronic health records: A general overview. Perspectives in clinical research, 6(2), 73.
krypted June 29th, 2016
I’ve worked with a lot of organizations switching between Mobile Device Management (MDM) solutions in my career. And I’ve seen the migration projects go both really, really well, and really, really poorly. In most cases, the migration is somewhat painful no matter what you do. But in this (my first) article on the JAMF blog, I try and organize my thoughts around a few things to look out for when migrating between MDMs/MAMs, and some context/experience around those.
krypted June 23rd, 2016
Posted a Huffington Post article from my notes from the WWDC keynote. Hope you enjoy!
Apple kicked off WWDC (World Wide Developers Conference) today, with a Keynote that showcased some of the upper tier of talent and management within Apple. As a former WWDC speaker, I watch the keynote and most sessions through the remainder of the week religiously. Here, you see what’s coming in the fall releases of the four operating systems: macOS, watchOS, iOS, and tvOS (for Macs, Apple Watches, iPhones and iPads, and Apple TVs respectively).
PS: macOS autocorrects to tacos. Mmmmm, tacos…
krypted June 14th, 2016
Here’s a little app to sync data from a DynamoDB database to an iOS device. Includes the ability to search. Simply edit the constants file to link it to your source. Enjoy.
krypted June 6th, 2016
Posted In: iPhone
Last night, I went to setup a new Nest Protect in my home, and while I was futzing with the app (yes, futzing is the technical term) I missed the question that was asked on the device about what language to use while waiting at this screen.
And so my Nest Protect was speaking Spanish. Which is fine with me; but notsofine for my daughter. So, I needed to change the language. And after hunting for the setting for awhile, I thought: self, you should document this.
So to change the language on a Nest protect, open the Nest app and then tap on the icon for Protect (which will appear once you’ve associated the first Nest Protect to your account. Then tap on the Settings gear icon in the upper right corner of the screen, which allows you to configure all your Nest Protects at once. Then tap on the Protect you want to change the language on and there’s a magical setting for Spoken Language there. Tap that and select the language you wish to use. Out of the box, the device only supports English and Spanish. But once setup, you can change the language to French or Dutch. So this is also the method to unlock French and Dutch language support on the device.
Once changed, you can replicate the change to other devices by cycling through them. I also noticed the setting didn’t appear on my iPhone. I had to use an Android device to access my Protect and make the change. The setting doesn’t seem to be a part of the iOS code. But YMMV.
krypted March 29th, 2016
When I was speaking at MacADUK, I asked Tom Bridge about starting a podcast. He’s got a great voice, and I thought he’d be a great co-host. Before we were able to get to that when we got home, Adam Codega, independently of the conversation I’d had with Tom, dropped a note on Twitter to see who else might be interested in doing a Podcast. A few people responded that they’d be interested in also jumping in on a new Podcast. Over the next few weeks, decisions were made that the podcast would be hosted as a part of MacAdmins.org, the format, the hosting location, and lots of other really cool stuff. And some of us got together and recorded the first episode. And then, last night, we recorded the second episode just in time to get that into editorial before Episode 1 is released.
And soooooo, episode 1 is out! It includes Tom Bridge, Emil Kausalik, Adam Codega, and myself. We also have an interview with some of the organizers from the Penn State Mac Admins conference, which I wasn’t able to sit in on, but find just fantastic. And Tom did some of the editing. Aaron Lippincott (@dials-Mavis) did a lot of work on the mastering and deserves lots of credit there (he made everyone sound way betterer). And John Kitzmiller did a lot of work on the domain and website and DNS type of stuff, as well as helping with hosting of the podcast assets as well. And Adam’s done a lot of work on the back end linking things together, so a great team effort.
The next episode also features Pepijn Bruienne and Marcus Ransom (who I lovingly decided we should call the He-Man of the Mac Universe) and covers the latest iOS 9.3 release, as well as some information about the Classroom app. So stay tuned for that, but click below to give the episode a listen, or find on iTunes once it appears (and I’ll post a link to that once we can).
Overall, I’m really stoked to get this thing going, and that the group has built a great system for future episodes, that should be sustainable for many, many episodes. I’m also really stoked to be able to get to work with this specific group – I’m a big fan of everyone, and I look forward to many episodes to come! So follow on Twitter at @MacAdmPodcast and feel free to let us know if you’ve done something awesome and we should mention it or interview you!
krypted March 28th, 2016