Apple @ Work is delivered to you by Kolide, the gadget belief resolution that ensures that if a tool isn’t safe, it could’t entry your cloud apps. In case you have Okta, Kolide may also help you get your fleet to 100% compliance. They’re Zero Belief for Okta. Study extra or request a demo right now.
Apple’s World Large Developer Convention for 2023 has come and gone as soon as once more, and now we flip our consideration to the summer time of beta testing, getting ready coaching, and extra. I’ll be diving into many of those bulletins within the coming weeks, however I need to run by way of the high-level updates that Apple IT directors must know for macOS Sonoma, tvOS 17, iOS 17, watchOS 10 (sure, Apple Watch is coming to MDM), and iPadOS 17.
About Apple @ Work: Bradley Chambers managed an enterprise IT community from 2009 to 2021. By way of his expertise deploying and managing firewalls, switches, a cell gadget administration system, enterprise grade Wi-Fi, 100s of Macs, and 100s of iPads, Bradley will spotlight methods through which Apple IT managers deploy Apple gadgets, construct networks to assist them, practice customers, tales from the trenches of IT administration, and methods Apple may enhance its merchandise for IT departments.
Account-driven System Enrollment
Account-driven System Enrollment is a streamlined resolution that simplifies the method of enrolling company-owned iPhone, iPad, and Mac gadgets into administration by using customers’ work accounts. This progressive strategy ensures that the enrollment expertise maintains a transparent distinction between work and private content material. Moreover, in macOS, it grants the additional advantage of enabling gadget supervision. With Account-driven System Enrollment, the duty of managing gadgets turns into extra environment friendly and tailor-made to the wants of each customers and organizations.
watchOS positive factors gadget administration assist
When an Apple Watch is paired with a supervised iPhone, organizations achieve the flexibility to enroll and handle it utilizing Cellular System Administration (MDM) options. This growth of the MDM protocol opens up many prospects for creating custom-made options that improve productiveness, promote wellness at work, and bolster worker security (assume noisy warehouses, and so on). The enrollment course of entails a declarative configuration on the iPhone, unlocking the utilization of configuration profiles, app administration, MDM instructions, and declarations.
Setup Assistant enforcements
Automated System Enrollment gives organizations a means to make sure that their particular necessities are met previous to deploying gadgets into manufacturing environments. With these enhancements, organizations can mandate a minimal OS model as a prerequisite for gadget enrollment, guaranteeing compliance for SOC2, and so on. FileVault will also be enforced as effectively. Moreover, organizations have the choice to require customers to enroll their Macs into administration when registering the gadget in Apple Faculty Supervisor or Apple Enterprise Supervisor.
Updates to Managed Apple IDs
Apple can also be bringing some updates to Managed Apple IDs this fall as effectively with extra iCloud and Continuity companies. These updates embody assist for iCloud Keychain and Apple Pockets. Apple shall be permitting organizations to limit entry to particular companies and outline which administration state a tool ought to be in when a person indicators in with a Managed Apple ID. Right here’s a few of the info Apple shared on the updates
- Continuity: Customers can use AirPlay to Mac, Auto Unlock, Continuity Digital camera, Continuity Markup and Sketch, Handoff, On the spot Hotspot, iPhone mobile calls, Sidecar, SMS, Common Clipboard, and Common Management.
- iCloud Keychain: Customers can securely retailer and entry credentials (together with passkeys) on all accredited gadgets.
- Apple Pockets: Customers can add playing cards and passes to Apple Pockets together with the chance to make use of Apple Pay.
- Developer account: If allowed, Managed Apple IDs created in Apple Faculty Supervisor can take part within the Apple Developer program.
Passkeys at work in iCloud Keychain
Apple is including PassKey assist to iCloud Keychain and entry administration to Managed Apple IDs. It will enable organizations to deploy and allow password-less authentication for inner companies with passkeys.
Customized identification supplier assist for federation
To permit extra corporations to create Managed Apple IDs robotically, integration is supported with public and in-house IdPs supporting OpenID Join, SCIM, and the OpenID Shared Indicators and Occasions Framework.
Platform single sign-on updates for macOS
With enhancements to Apple’s platform SSO, builders can prolong their SSO extension to create native person accounts on a shared Mac utilizing credentials from an organization’s IdP. As well as, permissions and group membership of these customers will be managed from gadget administration instruments.
Declarative gadget administration updates
Software program replace administration is now a part of declarative gadget administration and gives new choices for when/ how an replace ought to be enforced, together with elevated notifications to the top customers. To make the transition, an MDM resolution can migrate an already deployed configuration profile right into a declarative legacy configuration with out the necessity for redeployment and potential issues.
Managed System Attestation for macOS
Managed System Attestation is accessible on macOS and gives robust assurance in regards to the safety setup and properties of the gadget in query.
802.1X assist on ethernet for iPhone, iPad, and Apple TV
iPhone, iPad, and Apple TV assist the configuration of 802.1X for Ethernet to connect with restricted networks that require authentication. Whereas I don’t assume it’ll be extremely standard on iPad and iPhone, it’s a much-needed characteristic for Apple TV.
Non-public 5G and LTE networks
With iOS/iPadOS 17, iPads and iPhones now assist Non-public 5G and LTE networks. IT admins can robotically activate personal networks when an iPhone enters a geofence and permits the gadgets to prioritize the personal mobile over Wi-Fi.
Wrap-up
These are a few of the key updates coming for IT and safety groups with the brand new variations of iOS 17, iPadOS 17, tvOS 17, macOS Sonoma, and watchOS 10. I’ll be diving into them in additional element within the coming weeks.
Apple @ Work is delivered to you by Kolide, the gadget belief resolution that ensures that if a tool isn’t safe, it could’t entry your cloud apps. In case you have Okta, Kolide may also help you get your fleet to 100% compliance. They’re Zero Belief for Okta. Study extra or request a demo right now.
FTC: We use revenue incomes auto affiliate hyperlinks. Extra.
