Apple has introduced a selection of interesting improvements for iOS and Mac admins in the recently introduced iOS 14, including new APIs for mobile device management (MDM) and usability improvements.
The easy (but good) stuff
One of the better enhancements is the introduction of choice. iPhone and iPad users can now choose which web browser and/or email app they want to use. While Safari is highly secure (and more secure in the latest OS iterations), the real beauty of this improvement is in email, as enterprises built around use of Microsoft Office will now be able to standardize on use of Outlook on enterprise mobile devices. The process is pretty simple: Install the app you want to use and then set it as default in application Settings on the device.
Privacy is also improved with a recording indicator which is displayed whenever an app has access to the microphone or camera
Improvements for MDM
On a slightly deeper note, Apple has signalled the importance of enterprise IT with its recent Fleetsmith purchase and has boosted this message with a series of useful APIs in its latest (or upcoming) operating systems MDM developers can make use of.
Announcing same day support for iOS 14, Jason Wudi, CTO, Jamf, said: “This year, Apple has made important updates in user provisioning, powerful enterprise workflows, and ensuring security while upholding user privacy, and we’re excited about what these advancements mean for IT and the end users that rely on Apple’s platforms.”
Microsoft Intune is also delivering new functionality along with iOS/macOS. “Microsoft Intune is excited to support Apple in their launch of iOS 14, iPadOS 14, and watchOS 7,” the company said. “We are delighted to deliver new functionality alongside Apple’s launch.” You can read more on this at Microsoft here.
The new APIs deliver useful improvements.
Better control of the setup process during device activation. One of the key steps here is that admins can accelerate the process by skipping unnecessary steps. For example, if your employees don’t use an Apple Watch there is no need to work through or cancel the setup steps for the device.
Apple’s decision to take Shared iPad out of the classroom and into the enterprise will also pay dividends. It means that admins can create user-level configurations of shared devices. They should also see the number of users configured on a single device in their admin console, assuming users are resident on those devices.
Apple has also improved VPN configuration. In this case, it means admins can configure systems with VPN settings for specific and default apps. They can also specify which apps and domains can use the VPN, again, this provides an additional level of control around access to corporate services and data.
Apple has improved managed apps so admins can now enable permission to allow end-users to remove them from their devices if they aren’t required and forbid such removal if they are required.
Apple improved MDM around content caching. It’s now possible to build MDM solutions that provide content caching metrics, which lets admins monitor use.
Admins can also now set time zones and restrict the randomization of MAC addresses over Wi-Fi. These enhancements should help improve enterprise security, particularly as even many businesses are now exploring geolocation protection around WFH deployments in an attempt to build a border against remote phishing attacks.
Apple hasn’t published shipped the next version of macOS, but the release builds in numerous enterprise improvements first seen in iOS. Enrolment has been improved, including with supervised enrolment. It is now also possible to defer updates for up to 90-days, or force update of managed devices. App management via MDM has also been improved as described above. We can anticipate further enhancements to the platform as the company coalesces around Apple Silicon.
Opportunity: App Clips
While not an enterprise-focused improvement, one of the big opportunities in iOS 14 may turn out to be App Clips. These are cut down versions of the native app that provide just enough code for an iOS device to handle a single transaction. These might be of use in iOS-compatible guest logging and entry systems, and may provide useful conduits for retail, visitor attractions and hospitality deployments, assuming we ever get to visit places again.
The idea is that by providing users with a taste of what an app can do, it becomes easier to encourage users to install the entire app.
Please let me know which of these enterprise improvements are of particular use within your enterprise or flag any smaller enhancements that merit a little more attention.
Copyright © 2020 IDG Communications, Inc.