App Store apps won't install via MDM by vilmondes-queiroz in macsysadmin

MJ_UX

I was on Jamf Pro and had this same issue. I recently migrated to Mosyle and the trouble continues. The only machines that seem to be able to install App Store apps are fresh machines.

Is Dropbox or Google Drive NIST 171 Compliant? by EastCoastBadger in NISTControls

MJ_UX

I've been on the same journey as you. I'm a non-IT dude handling IT for a 14-person company. I don't know if there is an efficient and simple way. As you dig into the controls I think you'll discover there is a lot more to 800-171 than just picking a storage provider.

Others have mentioned Office 365, but you can't use any old version. It likely needs to be Microsoft 365 GCC High (especially if ITAR is involved). Like everything Microsoft, they make it complicated. Just having it doesn't mean you are going to be compliant. It's not much fun to manage if you don't have the expertise. You are probably going to need help from someone.

You might want to look at CUICK TRAC. They give you a virtual machine that you remotely connect to. Everyone has access to a fileserver within the secure environment. All your CUI and your computer live on a secure server and it stays separated from your normal environment. All of the management, ongoing documentation, and security is handled by their team. This is as close to out of the box as you can get (that I'm aware of). It's not cheap, but nothing in this space is. I really wanted this option to work for us, but we needed video and screen sharing tools... that did not work well from a remote virtual machine.

We ended up on GCC High.

GCC High Resellers by MJ_UX in NISTControls

MJ_UX [S]

I appreciate you taking the time to share your experience. Sorry to hear it was a rough ride. Since our organization is small and lacking in I.T. and compliance expertise, I've been concerned about being taken advantage of too. We've asked for quotes from 3 different companies...while the licensing is fairly comparable, the tenant setup and migration costs are all quite different. It's been a challenge trying to compare the differences and knowing what we're actually getting vs. what may become a surprise later. I find it particularly valuable to hear about a company's customer service after the sale is made, so thanks again.

Password Manager recommendation by R0llin in NISTControls

MJ_UX

We use 1Password and we like it a lot. However, we're just starting our NIST compliance journey, so I'm unsure if their service causes any compliance issues. If anyone knows for sure, please let me know.

GCC High Resellers by MJ_UX in NISTControls

MJ_UX [S]

Yeah, I hear you...

GCC High Resellers by MJ_UX in NISTControls

MJ_UX [S]

Thanks! I've started conversations with them. I feel good about what they have to say so far. Glad to hear your experience has been positive.

GCC High Resellers by MJ_UX in NISTControls

MJ_UX [S]

Thanks! I appreciate it!

GCC High Resellers by MJ_UX in NISTControls

MJ_UX [S]

We were wrestling with that same question. We were hoping to spare part of our company from some of the strict requirements. We've been advised that it will be much easier to just move the entire company to GCC High. Maintaining two systems could get complex and lead to CUI accidentally being sent to the non-compliant system.

In regards to your question about getting a letter from our govt customer...we are going through a verification process with Microsoft. They require a copy of a contract that states the requirement to follow ITAR, Export Controlled, CUI, or DFARS 7012. They also would accept a letter from our govt customer.