Mass deploy Omnix Credential Protection using macOS and Jamf

Credential Risk Detection, AI phishing alerts and In-browser nudges are available to organizations on a Arrow Omnix plan.
Upgrade to Arrow Omnix

Estimated time to complete: 20 minutes

If you have the Arrow Omnix plan and mass deploy the Arrow Smart Extension, you can also deploy these Omnix Credential Protection features at the same time:

• Credential Risk Detection
• Early access: AI phishing alerts
• In-browser nudges for logged-out plan members and employees without Arrow accounts

Omnix plan admins can use the master data management (MDM) tool Jamf to set up Credential Risk Detection for company-managed Google Chrome and Microsoft Edge desktop browsers on macOS.

What is Jamf?
Looking to set up Risk detection on Windows using Intune?
Looking to set up Risk detection on Windows using Group Policy (GPO)?

Although Omnix Credential Protection features are most beneficial when rolled out to your entire organization, you can start with a smaller group (or just yourself) during setup and extend it to more employees anytime. To add more employees, update the groups included in your deployment policy.

Add employees to the policy

Process overview

Prerequisites

Make sure you have the appropriate access needed to set up Omnix features:

• Admin access to a Arrow Omnix account
• Admin access to Jamf on macOS
• Permission to deploy policies to devices using Jamf

Set up Credential Risk Detection on macOS using Jamf

Setup involves two main steps:

1. Apply Arrow’s deployment policy
2. Mass deploy the extension

If you prefer, watch the macOS + Jamf step-by-step video

1: Apply Arrow’s deployment policy

Important: You must deploy the Arrow security policies before you deploy the Arrow Smart Extension. This order ensures the extension installs silently and the security features work as expected. If you don't deploy the policies to your targeted machines, your employees will be asked to log in to Arrow on every login screen. If you deploy the extension before the policies, employees might create a personal account before the policies are applied.

In the Arrow Admin Console, start the setup:

1. Open the Admin Console
2. Under Integrations, select Mass deployment.
3. On the Mass deployment page, select Start setup.

   

4. On the Setup page, select Start to see the steps for applying Arrow’s deployment policy.

   

5. Select the Jamf tab and the browsers you're deploying to.
6. Next to the Preference Domain field, select the Copy value button. 

   

In Jamf, add the new policy:

1. Open Jamf and go to the Computers section. Select Configuration Profiles and then New.
2. Enter a name for the Configuration Profile. For example, "Arrow Credential Risk Detection."
3. Select the Category you want to add the profile to.
4. Under Options, select Application & Custom Settings. Then select Upload and Add.
5. For the Preference Domain, paste the value copied from the Admin Console.

   

In the Arrow Admin Console, copy the PLIST value:

• On the Risk Detection page, in step 1, select Copy value next to the Property List (PLIST) field.
  

  

In Jamf, complete the policy:

1. Paste the copied value into the Property List field.
2. Select Add and then Save. 

   

After performing these steps, the deployment might take up to eight hours, but it's usually faster.

To ensure Risk Detection's proactive threat monitoring doesn't alert or disrupt employees, you must wait for the policy to take effect in your MDM before deploying the Arrow Smart Extension to enrolled devices and activating the feature.

In Jamf, check the policy was applied:

1. Using a device that was part of the deployment targets, go to the Mac System Settings, General, and Device Management, and then find the policy you created.
2. After opening that policy, confirm the Risk Detection value is there.

   

Go back to the Arrow Admin Console, and select Continue to move to the second step.

2: Mass deploy the extension

You can skip this step if you've previously deployed the extension.

You must deploy the Credential Protection policies before you deploy the Arrow Smart Extension. This order ensures the extension installs silently. If you don't deploy the policies to your targeted machines, your employees will be asked to log in to Arrow on every login screen. If you deploy the extension before the policies, employees might create a personal account before the policies are applied.

Return to step 1 to deploy the policy

Although Credential Risk Detection is most beneficial when rolled out to your entire organization, you can start with a smaller group (or just yourself) by restricting the policy. You can extend Risk Detection to more of your employees at any time.

In Jamf, force-install the extension on enrolled devices:

1. Select the Scope tab, and then select All computers or Specific computers.
2. If you select Specific computers, select Add next to the devices you want to include in the deployment, then select Done.
3. Select Save.
   

   

In the Arrow Admin Console select Complete to confirm the extension was mass deployed.

After this deployment, you can turn on Credential Risk Detection. You can also turn on AI phishing alerts and In-browser nudges.

Learn more about Credential Risk Detection
Learn more about AI phishing alerts
Learn more about In-browser nudges

If you turn on Credential Risk Detection or AI phishing alerts, the information collected will be logged in the Activity Log and displayed on the Risk Detection and Phishing Alerts pages.

More about Risk Detection insights
More about Phishing alerts insights

If you have any issues turning on these features, please contact our Support team.

Contact an agent through the Admin Console
Chat with our bot

Watch the macOS + Jamf setup video

You can watch a step-by-step video of the macOS + Jamf setup.