<h1>Should I Restrict iCloud Private Relay for Managed Devices?</h1>

<p>Published 2021-11-09 (updated 2022-10-07) at https://jumpcloud.com/blog/restrict-icloud-private-relay</p>

<p>Private data is private. Personal data is private. Apple takes great pains to ensure that its users' data remains under the control of the user and nobody else. To that end, with the release of iOS 15 and macOS Monterey, Apple has created a new feature called iCloud Private Relay.</p>

<p>It allows iCloud users, while using Mail.app or Safari, to shield their own traffic from prying eyes. This is great for the user, but it could cause issues when active on your company's internal network. While it's not a VPN, it does do some similar things:</p>

<p>As a user, all you need to do is turn it on in your iCloud settings. It is built into iOS 15 and macOS Monterey and requires no advanced computer or programming skills to enable. And therein lies the problem: IT admins are often required (by compliance regulation or internal policy) to maintain a certain degree of visibility across the network. When end users can prevent that from happening, using native features built into their devices, compliance is at risk.</p>

<p>Whether BYOD or corporate-owned (COD), the clash of B2C and B2B features can create headaches or, worse, fines and undue auditing. This article highlights how iCloud Private Relay works, why an admin may need to restrict it, and how.</p>

<h2>How Does it Work?</h2>

<p>When you use Safari, Apple takes your traffic and splits the information into two pieces: your IP address (where you are) and your DNS request (what you're looking for). Private Relay encrypts the DNS request and sends it, along with your IP address, to an Apple proxy server. Apple, in the meantime, has handed encryption keys to a third party (educated speculation is that this third party is Cloudflare, Fastly, Akamai, or some combination of them), which runs a second proxy. Apple assigns an anonymous IP to the encrypted DNS request.</p>

<p>This means that Apple knows your real IP but not your DNS request, and the proxy knows your DNS request but not your real IP. Safe-safe: no single party knows your full browsing story.</p>

<h2>Why Restrict Private Relay?</h2>

<p>While this feature may be great for direct consumers of Apple products, it might not be great for administrators who use those same products in a corporate setting. There are reasons (e.g. compliance, disclosure, company policy) why an organization may want to restrict access to the Private Relay feature. As an example, companies or educational institutions might be required by policy to audit all traffic or to implement parental controls. In other cases, admins may want a higher degree of visibility on the network because of the sensitive nature of their organization's business, and want to ensure that employees cannot move data off the network that they shouldn't and go unnoticed.</p>

<p>You can't audit or protect what you can't see, even if what you see is that there's a proxy on the network.</p>

<h2>How to Restrict Private Relay</h2>

<p>As admins, you can use DNS and MDM restrictions to help limit Private Relay.</p>

<p>The most expeditious way to block Private Relay is to edit your DNS resolver. To avoid resolution timeouts, which can be frustrating for users, configure your DNS resolver to return a negative answer rather than silently dropping packets. The Private Relay hostnames to restrict are:</p>

<ul>
<li>mask.icloud.com</li>
<li>mask-h2.icloud.com</li>
</ul>

<p>If you don't have an on-premises DNS resolver and your network equipment isn't managing your DNS resolution, your next option is to restrict Private Relay via MDM. Configure a payload with the following keys:</p>

<p>The screenshots below highlight how this payload can be configured and deployed using JumpCloud MDM:</p>

<figure><figcaption>Screenshots: configuring and deploying the Private Relay restriction payload in JumpCloud MDM</figcaption></figure>

<h2>Bottom Line</h2>

<p>New technologies need to be evaluated on release. As admins, you should, in a perfect world, evaluate these technologies throughout the beta process and again upon release, so that you are prepared to answer user questions and requests on Day 1. Existing technologies, such as iCloud, should be reviewed periodically to be sure they haven't broken (or broken something) along the way.</p>

<p>It's important to recognize that one size does not fit all, and that while some features are harmless, others can be detrimental. Every company needs to look at features (old and new) with its company policies in mind. Admins are responsible for informing the key stakeholders of the risk-reward of all features, and for being ready with, or making ready, the solution that reduces the risk.</p>

<p>JumpCloud recently hosted a webinar with Mac experts Pam Lefkowitz, Tom Bridge, and Bradley Chambers discussing this and the many new features of macOS 12 Monterey, which was recently released as a free major OS update. You can view this on-demand webinar to learn about macOS Monterey and some of the coolest new features for IT admins everywhere, including how to speed up return-to-service workflows with Monterey's Erase All Content and Settings feature, the ability to enroll machines that were purchased outside of standard methods into Apple Business Manager, security improvements for the file system, a discussion around Pluggable Authentication Modules (PAM) that's controllable with TCC Profiles, and more.</p>