Posted on 03-16-2023 11:05 AM
Is it possible to manage the Airdrop and Bluetooth app through JAMF in such a way that it will function only on those mac devices enrolled in the same JAMF Pro console but it wont work on other Apple devices those are on different JAMF or not enrolled in any JAMF or MDM. It is for security purpose only.
Posted on 03-16-2023 11:09 AM
Posted on 03-16-2023 11:15 AM
If it is not possible to disable then user can transfer data from company's to other device. Sensitive data can be transferred to other devices. I think JAMF should think it.
03-16-2023 11:22 AM - edited 03-16-2023 07:16 PM
@Asifahmed I don't know if Jamf Protect offers any monitoring or interdiction for data being transferred via AirDrop or Bluetooth, but it's not a capability I'd expect in Jamf Pro because macOS has no built-in mechanism to support that restriction. If you've got a support contract with Apple I'd suggest you open a case describing how your organization needs that capability, and it wouldn't hurt to also file a request via the Feedback Assistant app.
Posted on 03-16-2023 02:31 PM
@Asifahmed what you’re referring to is a DLP (Data Loss Protection) tool, which is not what Jamf Pro is. There are several 3rd party tools that can do this on the Mac. Possibly Jamf Protect can, but I’m not certain.
And if all you’re looking for is to stop people from copying files over Bluetooth, you could look at setting up a Restricted Software title to block Bluetooth File Exchange. That’s no guarantee of blocking any type of BT file transfer, but it should stop the majority of them.
You’re still better off with a proper DLP product though.
Posted on 03-17-2023 07:10 AM
There is basic capability to restrict Airdrop connections to Contacts Only in the Address Book, but as this has no MDM management, no way to manage the contacts scale and quite easy to circumvent its pretty useless.
You can do monitoring of this with Jamf Protect which is half the battle, just the ability to know what being transferred in & out of your environment is a major advantage in controlling data leakage.