Report: Managing Apple in Fintech
Managing and Innovating Apple in Fintech
The dataJAR team was delighted to welcome more than 50 delegates to the Fintech event at Funding Circle’s impressive London offices. It was great to meet and share practices with such a diverse group of people, keen to hear more about utilising Apple technologies within the financial sector.
Jordan Coombs, global service manager at Funding Circle, welcomed everyone to the day. Then dataJAR’s sales director Mark Tsuchihashi took to the floor to give a brief insight into how dataJAR can support customers and ensure they achieve workable outcomes.
Joe Steele, head of workplace technology at Starling Bank, had a raft of experience working with “every OS and MDM in every industry” behind him before he joined a rapidly growing Starling Bank two years ago. He described the organisation, which was founded in 2014, as a software engineering company with a banking licence. Today the company has 1.1 million customers.
When Joe joined the company, they had 112 staff, 17 macOS devices and two IT staff. There was no real on-board or off-boarding process - devices were taking several hours each to prepare and there was no directory service tying a user to a device. Above all else, Joe was faced with a huge scaling challenge as the company has grown in the past two years to 900 staff, with that number likely to double in the next 12 months.
Since deploying Jamf Pro as their MDM solution, big changes have taken place for Joe and his team. Joe continued by explaining dataJAR’s role in the process involving a secure customer services desktop build which, in turn, has enabled a host of capabilities. Thanks to their relationship with dataJAR, many a seamless process is now in place helping Starling Bank to achieve greater success with their processes.
Christian Asare-Anderson, client platform engineer at Funding Circle, spoke after lunch to share the challenges he has faced in his role and how they are being overcome by him and his team.
The IT estate at the company comprises 530 Macs, 107 iPads and around 600 Windows devices. When Christian joined the company in January 2018, his first challenge was to consider “IT vs end user” and what the outcome was going to be using an “Idea - Risk - Impact” model.
Funding Circle engaged dataJAR in May of this year to help them understand where they were in terms of their tech plan and what the next steps are. June 2019 saw the reboot project occur, and the first success was a huge drop in tickets requesting password resets, another was deploying 107 iPads in one week.
Christian also shared their wins with USB policies and smart groups using Slack notifications, ensuring any changes are logged and enabling end users to use their device within 15 minutes out of the box. The organisation’s next step will be to implement an HR driven on-boarding system, with the main aim focussed on making a difference to the end user.
Jermaine Bennett-Smith is a Jamf Systems Administrator for Zopa and joined in January 2019. The company has increased its devices from 50 to 200, resulting in a greater need for security.
He shone a light on the Privileges app, used by Zopa to allow users quick and easy access to admin rights as needed, a day at a time. He provided an overview of the app and gave a demonstration of how the user can upload it themselves, as well as how to set up smart groups using Privileges.
The group then heard from Gui Teles, IT service operations director at Zopa, who shared his passion for technology, new ideas and new ways of thinking.
Zopa opened its doors in 2005 and its ethos is honesty, transparency and trust.
Gui’s presentation focussed on the benefits of using Apple within the financial sector, based on his own extensive knowledge and experience. He spoke of the challenges he has faced when convincing IT bosses to embrace Apple technologies and shared the “BS Chart” which detailed the seven excuses he has heard for not using Macs in the workplace:
- macOS is not a supported platform and doesn’t work well with Active Directory.
- Macs are great but I can buy two PCs for the same price (true but look at the long term).
- Macs are only for design people.
- You cannot manage macOS devices in the same way you can manage Windows.
- Macs are too pretty for being considered a work laptop.
- We are a Windows environment, does Office and Outlook work on a Mac?
- Users can’t properly work without admin permissions and this can’t be controlled.
As an employee of Betfair in 2012, Gui convinced them of Apple’s capabilities with the following points:
- AIO bundle
- Easier procurement
- Awesome style
- Improved security
- Increased productivity
- Hardware stability
- Reduced IT support
- Overtime price
- Time Machine and the Cloud
- Easier updates
Gui was successful with his argument and Betfair scaled from 40 Macs to 450 in three years (2012-2015).
dataJAR’s managing director, James Ridsdale, closed the session and began with sharing his mission statement from his early business plan, when he started the company in 2013.
His vision was simple - to provide a completely scalable and hosted managed service to provide organisations with cradle-to-grave life cycle management of Apple devices. dataJAR’s focus would be businesses who either do not have the time or resources to support Apple technology or are new to the Apple platform.
James continued his presentation by exploring the purchase stage, in other words where the journey starts - a vital step. He talked about the importance of procurement from Apple directly or an authorised reseller, as only these organisations are able to register Apple devices in Apple Business Manager (ABM). Similarly, only Apple or an authorised reseller can add Volume Credit to ABM. iOS/iPad or tvOS have the option to be manually enrolled into ABM.
Apple Business Manager is a central place to manage devices, content, roles and Managed Apple IDs (MAIDs) and can federate with Microsoft Azure for MAIDs. The program availability for ABM now extends to 69 countries worldwide.
James talked about infrastructure, specifically connectivity, Content Caching and Apple Push Notifications (APNs). He stressed the importance of ensuring networks are not hostile to Apple technology and that wireless surveys are conducted for capacity and coverage. He talked the group through other factors such as implementing Content Caching to help ease the burden on network connectivity and ensuring networks support APNs, which is something that should be tested by security teams to ensure the service functions.
The following are links to handy articles on this:
On the subject of mobile device management (MDM), James explained MDM is required for automated enrolment, software distribution, restrictions, commands and queries. dataJAR built and base their datajar.mobi on Jamf Pro and have extended it to achieve capabilities that do not exist within Jamf’s product, such as Auto-Update, Simplified Management, Warden appliances and pre-designed onboarding workflows.
He went into detail on Auto-Update and the time savings this software delivery service can offer organisations with existing Jamf environments. He then demonstrated Simplified Management and showed how these applications can provide first and second line admins access to Jamf without any training.
James talked about dataJAR’s strategic relationships with Jamf, Okta, Code42 and Malwarebytes, targeted for compliance and security.
Finally he took the group through resource scaling. dataJAR’s system engineers manage around 5000 devices, per engineer. James emphasised the need for organisations to acquire top talent if their Apple journeys are to be successful and compared these engineers moving between businesses to football transfers.
James gave some hints on retaining talent, as well as developing existing skills of staff or teams already in place, but wanted to emphasise the option to outsource to specialists in this field, such as dataJAR.
Paul Martin, Code42’s pre-sales lead, spoke in detail about the protection of company data. Code42 is an organisation focussed on business and enterprise and provides its customers with visibility of where their data sits.
Their software is able to track and search instances of data theft or unusual activity, which may have occurred in the run up to an employee leaving the environment. Even with a small security team, Code 42 is able to see in an instant what may have taken place with files within the company.
They have the ability to download the files in question and see what they are being used for. Sometimes they are modified in an attempt to get data out of the environment under the radar, but any concerning activity will be picked up. IP addresses and sync destinations can also be identified.
Want to find out more?
If you are interested in any of our services, such as Apple device management, or would like to chat about your current infrastructure set up, we would love to hear from you.