As Apple-heavy organizations prepare for iOS 13, mobile device administrators should be aware of several exciting device management features.
Apple iOS 13 device management features include new identity management and enrollment features for iPhones. Apple also announced an iPad-exclusive OS, known as iPadOS. Many of these new OSes and features can improve enterprise deployments if IT professionals understand how to take advantage of them and integrate them with a mobile device management (MDM), enterprise mobility management or unified endpoint management platform.
In this Q&A, Zack Blum, CEO and co-founder of Apple management platform vendor Fleetsmith Inc., discusses the new iOS 13 device management capabilities, as well as other Apple announcements and how they will affect the enterprise.
How will the new user enrollment feature help organizations manage Apple mobile devices?
Zack Blum: User enrollment brings BYOD into MDM natively, so there's now a happy medium among corporate security, employee privacy and personal device ownership that makes BYOD technically feasible for any organization that uses an MDM provider. For companies with a BYOD policy, the benefit is that they get to keep their devices safe, while employees don't have to give up a level of privacy on a device that is actually their own. User enrollment also helps with contract workers who typically have to provide their own devices but should have their data secured.
What do you think of the new iOS 13 device management features, such as single sign-on extensions and Sign In with Apple for user authentication?
Blum: Single sign-on is a better authentication option than username and password, and companies that offer SSO tend to be better at security. Apple's new option also fits well into its overall focus on privacy. More consumer choice and more of a privacy focus is not a bad thing, and if you're totally in the Apple ecosystem, you can stay in it.
What are use cases for the new iPadOS?
Blum: By giving iPad its own OS, it seems Apple is investing in the ecosystem and acknowledging that iPad at work brings up different use cases. The new multitasking options could be useful; [lack of iPad multitasking is] one of the reasons people are stuck with desktop-class devices, and iPadOS has the potential to make that seamless.
Zack BlumCEO, Fleetsmith
The iPad is also a great medium for design and sketching, and a better Apple Pencil only improves that use case. The Sidecar feature seems like it would benefit employees who use both iPads and Macs for work. Meaty business apps like Salesforce would be easily accessible when sliding over. On the developer side, I'm interested to see which new APIs Apple will expose so that app makers can build new integrations.
What other Apple announcements are you excited about?
Blum: From an Apple management point of view, Managed Apple IDs for Business … gives IT the ability to create and manage work Apple IDs for employees, which potentially allows customers to use federated authentication to link Apple Business Manager to Active Directory. Setup Assistant customization is also super interesting for Mac admins because they can customize their Setup Assistant workflows. For us, it creates an opportunity for information gathering and sharing and could be a way for MSPs [managed service providers] and enterprises to integrate white-labeling.
I'm also excited about the new Find My app. The way Apple has enabled devices to be found even when they are offline is interesting from a security perspective, and I wonder if there will be an integration with MDM. On the Apple management side, a bunch of smaller security improvements, such as read-only system volume and expansion of TCC-protected data, show that Apple is continuing in its security-focused direction.
What should Apple do more of moving forward?
Blum: I hope Apple continues listening to customers who use Macs in a corporate environment. Each company has different needs depending on their size. While Apple has really listened to the needs of large enterprises, they're still working on listening to the needs of smaller enterprises. [We hope] that Apple gives its MDM documentation some more TLC.
Dig Deeper on Apple iOS in the enterprise
Apple debuts multi-user iPadOS sessions for enterprise users
Mobile device security key trend in top 10 most read stories of 2019
A quick list of new enterprise features in iOS 13, iPadOS, and macOS 10.15 Catalina
iOS MDM needs to get better at BYOD, but Apple might make it harder (December 2018 update)