Apple @ Work: Fresh & Fun 2023 Updates for Apple Device Management
Apple's Worldwide Developer Conference 2023 has concluded, and as we venture into a summer of beta testing, let's touch on the updates particularly relevant for IT folks using Mobile Device Management.
🍏 macOS Sonoma
📺 tvOS 17
📱 iOS 17
⌚ watchOS 10 (Apple Watch is making its way into MDM)
📲 iPadOS 17
Account-driven Device Enrollment
Enrolling devices is simpler with Account-driven Device Enrollment. Using work accounts, users can streamline the setup process for iPhones, iPads, and Macs, balancing work and personal spaces, especially on macOS.
Apple Watch and MDM
When paired with a supervised iPhone, an Apple Watch can now be managed with Mobile Device Management (MDM) tools. This development introduces more control and potential applications in diverse work settings.
Setup Assistant’s Enhancements
With Automated Device Enrollment, organizations can set specific criteria for devices, ensuring they match certain standards, including OS versions and SOC2 compliance. FileVault activation is an available feature too.
Updates to Managed Apple IDs
Come autumn, Managed Apple IDs will see tweaks that enhance integration with iCloud and Continuity. Key changes include:
- Continuity Features: Ranging from AirPlay to Universal Control.
- iCloud Keychain: Safely store credentials across devices.
- Apple Wallet: Integration with cards, passes, and potentially Apple Pay.
- Developer Access: Managed Apple IDs can now be part of the Apple Developer program, given the right permissions.
Less Reliance on Passwords
With PassKey in iCloud Keychain, Apple aims to move towards a more secure and efficient authentication system. Managed Apple IDs are also embracing this shift.
Custom Identity & Further Technical Adjustments
There’s enhanced support for creating Managed Apple IDs via public and in-house IdPs. macOS sees improved SSO functions and expanded device management capabilities.
Security: Managed Device Attestation for macOS
A focus on reinforcing security is evident with the introduction of Managed Device Attestation for macOS.
Ethernet Configuration for iPhone, iPad, and Apple TV
The 802.1X for Ethernet feature has been introduced. While this might be more relevant for Apple TV, it's available for other devices as well.
Private 5G and LTE Networks for iOS/iPadOS 17
iPhones and iPads can now engage with private 5G and LTE networks, offering nuanced connectivity options.
Return to service facilitates the switch to another MDM vendor
In iOS 17, the 'Return to Service' (RTS) feature allows device management vendors to deploy a Wi-Fi profile alongside a device-wiping command. With your MDM, you can automatically activate and re-enroll devices after erasing. The device retains its initial language and region settings. For cellular devices, Apple advises using the “Preserve data plan after wiping” option to ensure the eSIM data plan remains undisturbed, facilitating easier user reactivation.
That covers the main updates. Those involved in IT or security should watch out for more detailed breakdowns of these features in iOS 17, iPadOS 17, tvOS 17, macOS Sonoma, and watchOS 10 in upcoming discussions.