How I use an MDM at home
With JumpCloud, I streamlined the process of adding and configuring devices, especially my Apple products, utilizing its policy management features.
I frequently experiment with my network, but it can be frustrating to manually configure each of my devices every time I want to make a change. In my previous job, we utilized MobileIron to manage the organization’s iOS devices. When I began searching for a user-friendly Mobile Device Management (MDM) solution, I discovered JumpCloud. JumpCloud supports Mac, PC, Linux, iOS and Android devices.
Process
I created an account on JumpCloud and started adding my devices. One peculiarity I encountered was the inability to assign an administrator directly to a device. Consequently, I needed to maintain two separate accounts: one for managing the JumpCloud Admin Portal and another for logging into my devices and services. Adding devices is a breeze — simply navigate to Devices > Devices > *Plus Sign* and select the desired platform for installation. Installing the agent on my computer enabled password synchronization between my computer and JumpCloud.
Once the devices were added, I explored the policy section. Since most of my home devices are from Apple, I predominantly create configuration profiles using Apple Configurator. I currently utilize nearly 20 configuration profiles. For instance, I created a configuration profile encompassing my Wi-Fi settings and a trusted certificate for the RADIUS server. Now, whenever I modify my Wi-Fi settings, I only need to update this single profile to connect all my Apple devices. Additionally, I have another profile that configures my devices to use DNS over TLS with my cloud-hosted AdGuard Home instance. This profile activates only when clients are not connected to my Wi-Fi, ensuring secure DNS requests regardless of our location.
Enhancing my Wi-Fi security
I mentioned RADIUS earlier, which enhances the security of my Wi-Fi network. When devices attempt to connect to my Wi-Fi, they must possess the correct certificate, a username, and a password. I configured my network to utilize JumpCloud as the RADIUS server and enabled Multifactor Authentication (MFA). Now, whenever my devices join the network, I receive a notification on my phone to confirm the connection. However, this can become inconvenient when dealing with smart home devices on a RADIUS network. To address this, I created a user in JumpCloud without MFA enabled. Consequently, I can configure those devices to connect solely using the username and password associated with that account.