How Apple improved enterprise deployments at WWDC
Apple introduced dozens of enhancements for enterprise customers and IT admins at its developer convention final week. Here are probably the most noteworthy ones we’ve got recognized up to now.
Apple
Apple stays centered on the wants of enterprise IT. With this in thoughts, it made a number of attention-grabbing modifications at WWDC 2022. Here’s a rundown of the enhancements Apple introduced we have recognized up to now.
Apple introduced a raft of developer applied sciences
Apple ushered in a variety of enterprise-focused enhancements throughout the developer classes held on the occasion.
Declarative Device Management
Introduced in 2021, declarative system administration works to make units extra autonomous and proactive, whereas permitting servers to be light-weight and reactive. It is now additionally accessible for Macs.
Managed system attestation
A brand new safety characteristic that makes use of the Secure Enclave to supply robust assurances a couple of shopper system, resembling its id and software program model.
Apple Configurator
Apple Configurator for iPhone was launched in 2021. It lets admins add Macs bought outdoors of the conventional channel to their group utilizing Apple School Manager (ASM) or Apple Business Manager (ABM). When working Setup Assistant on the Mac, admins simply want to carry an iPhone working Configurator over the animation. The Mac will then connect with the web and add itself to your group. At WWDC 2022, Apple prolonged Configurator for iPhone in order that it could actually now additionally add iPhones and iPads.
Google Workspace
In holding with the transfer towards password-less entry, Apple needs to construct programs robust sufficient that customers solely have to check in as soon as after which for that id to be held throughout the whole lot else. With that aim in thoughts, the corporate confirmed that for Federated Authentication, Apple Business Manager now integrates with Google Workspace as an Identity Provider.
Sign in with Apple
The firm mentioned this characteristic can now be be used at work and college with Managed Apple IDs. There are further safety features baked in, so admins can permit all apps or chosen apps to make use of the check in instrument.
OAuth2 help
This is sort of an essential change. Apple used a token-based authorization system in iOS/iPad OS 15 to permit MDM servers to confirm consumer id. This modifications in iOS/iPad OS 16 with the addition of help for OAuth 2 as one other authorization mechanism. This means MDM servers will be capable to help further id provision programs suppliers additionally improves safety, and provides one other new characteristic that’s described under.
Enrollment Single Sign-on, or Enrollment SSO
This is a quicker system that allows staff to enroll their private units into your group’s MDM system. The system requires customers to enter their e-mail deal with to obtain an enrollment single-sign-on app. The consumer then indicators in as soon as and the app handles the remainder of the method. The system does require IT and MDM distributors to take sure steps earlier than it’s supported, together with MDM server configuration to make sure the proper JSON doc is shared.
Platform Single Sign-On (Platform SSO)
macOS Ventura positive factors this new characteristic, which lets customers check in as soon as on login to routinely signal into apps and web sites. The characteristic, which makes use of a variety of applied sciences — together with third-party SSO extensions, its personal Kerberos extension, FileVault, OAuth, OpenID and so forth — means chances are you’ll by no means want to recollect one other web site password, or undergo the method of getting into it, once more, at no compromise to your safety.
Automated system enrollment
Apple made an essential change to automated system enrollment, one which I think about will make it a lot tougher to setup a misplaced or stolen managed system on the market. The firm says ASM/ABM-registered Macs should have an web connection to be setup as soon as erased or restored.
Accessory safety
To defend towards close-access assaults, a brand new MDM setting lets directors require a consumer password earlier than utilizing new Thunderbolt or USB equipment with M-series Apple notebooks.
Web content material filtering
Admins will be capable to apply Web content material filters and DNS proxies on managed iPhones and iPads working iOS 16 and iPadOS 16.
Making it simpler to swap eSIMs
You will be capable to switch eSims between iPhones utilizing Bluetooth. To achieve this, simply transfer your older iPhone near your new one and comply with the Set Up Cellular command dialog. Apple additionally put protections in place to make sure customers don’t by accident delete their current eSIM, as doing so requires a brand new one be provisioned.
Shared iPad enchancment
This slight enchancment might make a giant distinction. A brand new command lets admins autosuggest the area title of your organization when a consumer begins to enter a Managed Apple ID. This goes to save lots of lots of time for shared iPads, significantly when dealing with complicated URLs, because it means spelling turns into much less of an issue.
Accessibility in iOS and iPadOS 16
Apple has added instruments to let MDM programs handle widespread accessibility settings together with Text Size, VoiceOver, Zoom, Touch Accommodations, Bold Text, Reduce Motion, Increase Contrast, and Reduce Transparency. Users can modify these settings, nevertheless it does means units may be made extra accessible from the beginning.
Apple additionally made some keynote bulletins
Apple additionally made a number of bulletins that ought to profit enterprise and enterprise customers throughout its WWDC keynote:
Continuity Camera
This enables you to use your iPhone as a webcam and provides a Desktop view to allow you to share video from above your keyboard.
Mail and messages enhancements
The welcome (and long-awaited) introduction of enhancements to Mail search will assist everybody. Scheduled emails, the capability to delete despatched emails and the power to set reminders to return to unactioned emails will all make a giant distinction to workflow. This is Apple taking part in catch-up, as options like these have been accessible to different e-mail platforms utilizing instruments resembling Boomerang.
Metal 3
Some attention-grabbing enhancements inside Metal 3 embody the capability to create extra picture reasonable environments and to take additional benefit of graphics reminiscence to drive functions.
Spotlight search
This means you will get worthwhile net outcomes at a platform stage. This doesn’t utterly substitute conventional search engines like google, nevertheless it’s a desideratum of what’s to come back.
Live textual content
The capacity to drag textual content (in actionable format) out of photographs and video will make an enormous distinction to customers and opens attention-grabbing prospects for builders, significantly at companies working with worldwide audiences.
Rapid Security Response
Rapid Security Response will make a strong distinction to hybrid and distant enterprises because it means Apple can straight set up safety updates into Macs, iPhones, and iPads. This ought to assist speed up set up of software program updates throughout companies that till now relied on worker discretion round updating. It additionally means MDM programs don’t want to attend on full updates.
Passkeys
These are essential, as they usher in a very passcode-free future. The transfer ought to vastly scale back enterprise and private vulnerability to phishing.
Have you come throughout further enterprise enhancements introduced at WWDC? Please drop me a line and let me know.
Please comply with me on Twitter, or be part of me within the AppleHolic’s bar & grill and Apple Discussions teams on MeWe.