Apple’s enterprise IT pitch: Management, safety, identification
And it envisions all of those wrapped up in consumer interfaces that simply work, as an Apple exec defined on the world’s greatest Apple admins occasion.
Apple
Apple took a uncommon public slot at Jamf’s JNUC occasion to summarize its strategy to assembly the wants of enterprise IT whereas enabling the consumer-simple consumer experiences each employee-choice scheme tells us folks need.
Management, safety, and identification – Apple’s strategy to enterprise IT
Jeremy Butcher, head of Apple schooling and enterprise product advertising, spoke to the Jamf JNUC crowd, sharing enhancements launched at WWDC this 12 months that he sees as an excellent illustration of Apple’s work.
For years, Apple’s mission has been to ship the very best consumer expertise with as little friction as attainable. Ultimately, an worker ought to be capable to open the field, login, mechanically be enrolled in enterprise methods, and begin utilizing the machine.
For probably the most half, Apple and MDM suppliers equivalent to Jamf have already achieved this. The instruments out there to IT empower more and more advanced setups, together with the automation of time-consuming duties, equivalent to monitoring and approving third social gathering software program updates.
Securing the consumer expertise
But securing that course of isn’t a one-strike recreation, it’s a succession of a number of evolutions going down over time and reacting to — or, certainly, at occasions predicting — safety occasions.
Industry professionals acknowledge that one of many penalties of the pandemic has been a recognition that conventional perimeter safety protections merely aren’t strong sufficient to deal with endpoints in advanced deployments. In response, safety intelligence is more and more shifting to the machine, and given the vagaries of bandwidth, will possible grow to be device- quite than cloud-dependent. We noticed proof of that transfer with Jamf’s ZecOps acquisition.
When it involves its platforms, Apple is assembling constructing blocks to assist each the hardest out there safety and very best consumer expertise.
Interestingly, Butcher conceded that in some locations Apple has “room to improve,” although it’s making “great progress” in others. He mentioned 4 key enhancements made at WWDC as proof of this try.
What Apple launched at WWDC
At WWDC 2022, for instance, Apple launched:
Declarative Device Management: Now out there throughout all Apple’s platforms, units protected by this know-how can monitor themselves, let the MDM system know if a change is utilized on the endpoint, and reply extra swiftly to adjustments deployed by IT. The thought is that admins have a a lot better image of what’s going on with a tool and may apply any required insurance policies rapidly. It additionally hints at an strategy to safety that makes the Mac, iPhone, or iPad extra self-aware. Apple calls this tech, “the future of MDM.”
Managed Device Attestation: Announced at WWDC 2022, Managed Device Attestation uses the Secure Enclave inside Apple products; when a device attempts to connect to MDM or other services it must also confirm it is a legitimate request from a legitimate device. The idea here is that the device itself becomes a proof point (or not). It also introduces the concept of continuous authentication, which will become a fundamental pillar of Apple’s future approach to management and security.
SSO for Mac: Apple at WWDC introduced platform SSO (Single Sign On) at the macOS login. This seemingly simple technology is perhaps also the most visible implementation of Apple’s attempt to make set up as simple as possible — open your Mac, login, and, because your password is backed up by an ID provider, you get the best of twin worlds: the additional protection the ID provider brings, alongside the full security architecture of the Mac, including data protection and biometric access, such as Touch ID.
The company also extended user enrollment single sign on at WWDC, enabling users to enroll in an MDM service — including on personal devices — by signing into both their Managed Apple ID and ID provider’s SSL app with a single login. Sign once, and it’s done. Apple also now supports OAuth 2.0 authentication.
Where this is going
A host of additional platform improvements introduced at WWDC also reflect the core tenets of Apple’s approach. Things like the new endpoint security and network extension APIs, federated authentication for Google Workspace, and Rapid Security Response all reflect the company’s focus on management, security, and identity.
At the same time, smart card support for iPhones and iPads and the network requirement when setting up a managed Mac show the company is actively identifying and securing commonly used attack vectors.
Beyond this, Apple’s new IT Training and certifications system is designed to plug the knowledge gaps created as the number of enterprises deploying Macs, iPads and iPhones grows. “We really want to make sure our products are the best, not only for users but also for IT,” Butcher informed the viewers of Apple admins.
Please comply with me on Twitter, or be a part of me within the AppleHolic’s bar & grill and Apple Discussions teams on MeWe.