It’s that time of the year; Apple has once again revealed an interesting set of updates at its Worldwide Developers Conference 2022, aka WWDC22. With new features as well as enhancements to existing ones, the aim this year is to elevate the end user’s experience and privacy while enriching device management and security for IT admins.
Apple followed its usual trend with monikers and introduced us to macOS Ventura and iOS 16, the next iterations of each OS. This September will see the release of iOS 16, with iPadOS 16 and tvOS 16 tagging along. On the other hand, macOS Ventura is set to release later this fall. Let us dive into all the new updates, how they affect the status quo, how you can best leverage them, and the steps you need to take for continued device management.
Onboarding devices without snafus
Bringing corporate devices under management is a tedious process for IT teams if the devices were procured through nontraditional channels. It often means the devices have to be individually plugged into Macs to perform enrollment.
Apple has been addressing this issue progressively. Last year saw the introduction of Apple Configurator for iPhones, with which macOS devices can be directly added to Apple Business Manager (ABM). This year’s update will extend this capability for iPhones and iPads so that any Apple device can be added to ABM though touchless means.
SSO is another aspect Apple is improving this year with support for enrollment and subsequent app logins using any of the SSO protocols. This significantly improves the end-user experience while onboarding devices and using apps.
More secure and convenient identity management
Employees are required to log in frequently with complex yet unique passcodes that adhere to organizational policies for accessing different services. From an end user’s perspective, convenience matters the most.
Previously, organizations that use Apple services for storage and productivity had to rely solely on Azure AD for user and Managed Apple ID management. We can safely say the more the merrier when it comes to IAM integrations. Apple’s decision to add Google Workspace for IAM is right on time. From now on, ABM will support user management and federated logins through Azure AD and Google Workspace. What’s more, Apple is introducing SSO to allow users to log in to supported third-party apps by federating logins through these IAM services. This integration also automates Managed Apple ID creation, saving admins and end users plenty of time.
A stronger digital fortress
Between the increasing complexity of cyberattacks and the evolution of security beyond the network perimeter through concepts like Zero Trust, security professionals are overwhelmed. There are too many factors to consider, like user identities, device identities, locations, and device postures.
Apple aims to tackle device identity verification by introducing Managed Device Attestation. This feature aims to provide airtight device identity verification by attesting the device and the communications originating from it while accessing corporate resources, contributing to the device’s trust score. These assurance checks help thwart a plethora of cyberattacks, like spoofing.
Macs received two other security updates as well. Admins can now control how peripherals and other devices establish a wired connection with Macs. Also, any unauthorized reset triggered on a Mac will make an internet connection mandatory to set up the device, thus ensuring mandated management on it.
Lighting-quick security fixes
N-day exploits are attacks that leverage vulnerabilities with known fixes that were not implemented in time. Devices with such unpatched vulnerabilities make up a major attack surface exploited by malicious actors. But from a productivity angle, updates can break apps or delete unsaved work, which are strong considerations for admins when scheduling updates.
With Rapid Security Response, Apple plans to eliminate the need to restart devices or wait for large updates to download. There will ideally be small update packages that fix devices silently sans reboot. Additionally, Apple is expanding the scope of last year’s macOS software update feature to provide more real-time visibility for admins.
Privacy and accessibility improvements
An employee- and user-centric approach is the need of the hour for every organization. Apple is known for its user-centric approach and incorporating these values in its products. Another aspect Apple has been focusing on is user privacy. Apple’s actions show that it has been keeping up with the rising demand for privacy
For example, Apple has introduced new features that help separate personal data from work data on employee-owned devices. DNS traffic and network filtering can now be achieved at a per-app level, going hand in hand with a per-app VPN.
In addition, accessibility settings can now be managed through MDM profiles to help employees with special needs adopt Apple devices with ease.
Improvements to scalability and more for device management
This year, Apple has opened up declarative device management to all types of enrollment. This feature, which puts some level of the device management onus on the devices by making them proactively perform tasks, offers better scalability for UEM and MDM vendors.
Also, shared iPads can now remember the previous logged-in user for up to seven days before needing to connect to the corporate network to authenticate Managed Apple IDs.
ManageEngine will provide zero-day support for WWDC22 releases
ManageEngine Mobile Device Manager Plus is an EMM solution that helps with the management of Apple as well as Android, Windows, and ChromeOS devices. Mobile Device Manager Plus will provide zero-day support for iOS, iPadOS, and tvOS 16 as well as macOS 13. This means that with Mobile Device Manager Plus, you can seamlessly carry out your day-to-day management tasks on these new OS versions with zero delay! We also plan to have zero-day support for the majority of the features listed above. Subscribe to our forum posts and blogs to stay updated on everything Apple.
Start a free, 30-day trial in minutes to manage your Apple fleet seamlessly!
** Optrics Inc. is an Authorized ManageEngine partner
The original article can be found here: