Apple's worldwide 2019 developer conference starts next Monday, June 3, and as in previous years ( WWDC 2018 WWDC 2017 etc.), We will look at and write about all business news . We learn about iOS 13, MacOS 10.15 and more.
The device management breach session will stream live at 11:00 am on PT Friday 7th. June, but we will probably get information from the developer's pasture and documentation earlier this week.
What do we want to see, and what do we really get?
First, we need to give the mandatory introduction and put together the context before we begin our supplement: Setting out multiple operating systems used by countless companies worldwide in high-stakes, high security situations are a big job. Apple must consider any changes very carefully, as the large scale may enlarge any issues in headline news. Overall, they do a good job, and the Apple device management is consistent and secure, especially if you understand Apple's perspective and have good processes to handle change.
Now that we're out of the way, here are my thoughts that go into WWDC 201
If you've read this blog for a while, you've probably seen my article, " iOS MDM needs to get better for BYOD "first published in 2017 and updated several times since then. The short version is that while monitoring MDM mode and the Device Enrollment program is very good for companies responsible for business, the experience of BYOD users registering their phones in regular MDM is behind time. We can use:
- A work and school mode does not interfere with MDM managed apps and accounts.
- More transparency for end users, so they better understand what the employer's MDM is and does not.
- 19659015] More privacy. I think that a few features, such as polling personal apps, should be removed from the usual MDM mode (not monitored).
- Registering with multiple MDM servers will also be nice to have.
I've rehashed these points a million times in that article and on podcasts, and I know many people feel the same. Hopefully we get clarity, but in the meantime I've become much more pragmatic over the years, and I think having separate phones for work and personal use is perfect.
On a related note, monitored mode has room for new features as well. There are many items in the Settings app user interface that are still not exposed as MDM APIs. What about managed app configuration settings for the settings app itself ?
In the past year, we have covered Jamf Connect and Mosyle Auth two third-party products that can connect macOS user accounts to cloud identity platforms. In addition, Apple added support for connecting Managed Apple IDs to Microsoft Azure AD via SAML. And generally, identity and conditional access becomes a central part of the end user's calculation.
So, the clock is right for Apple to continue adding various forms of support for cloud identity providers and SAML in all of its products. The more, the better!
If you are familiar with the term " hype cycle " (as outlined by Gartner), you can see that the idea of using an iPad as a portable replacement is on "The Incline of Enlightenment . " In other words, this actually becomes a real thing now, and people use iPad Pros everywhere.
This does not affect the business a large amount – if you can support iPhones, you can support iPads but many of us in the EMM room do this, so we are happy with what can come with iOS 13. Rumors are that get more windows for apps and "Stackable cards" as well as a renewed files app and maybe even mouse support.
macOS goes through a multi-year transition from traditional to MDM style management, just like Windows 10. The difference is that Apple is able to shut down older techniques more easily than Microsoft.
What makes This interesting is that many IT departments are starting to manage Macs for the first time, and we are at that time when many more companies offer them as an alternative to Windows. As a result, administration platforms like Jamf, Fleetsmith, Mosyle, Addigy and Workspace ONE are all crazy.
More is happening here than I can cover in a part of a preview, for example, it is user-approved MDM, app notation, and the latest poisons of imaging, but generally this is under the microscope more than ever.
Most people use iOS security for granted, and that's probably fine. However, there is a lot going on when you look deeper:
- It is easy to side load programs with just a little bit of Googling.
- There was only one hell around companies that used MDM for parental control, not to mention the episode with Facebook and Google using in-house enterprise app certificates in unauthorized ways. And the iOS 12.2 change that made BYOD units more difficult to record on MDM, also apparently came from a security angle.
- IOS devices are attacked by things like the GrayKey code switch and products from the NSO group.
- And with the App Store antitrust case going forward, who knows what might happen if third-party app stores became one thing.
Mobile threat defense products are around to help these issues and this growing industry is growing. There are still concerns that these MTD agents are having a hard time doing their job, though. Perhaps we could see Apple giving some mobile threat defense providers more access to IOS? One thing is certain – as these devices and the OSs become more complicated, the security conversation around them becomes more important.
We all want Apple to be more open, but they have taken steps to the right. Remember, they finally started live streaming all WWDC sessions a few years ago, a great improvement from the way we had to guess details in new iOS versions all summer.
Every company should test beta versions by iOS and macOS-even if you don't have any internal apps or you don't do MDM, you are still a mobile company . And don't forget, you can also send feedback.
For further positive news, we also saw Apple at the Jamf Nation User Conference, and appears on Mac Admins Podcast .
Until we come to all business news from WWDC 2019, we have a lot of other information on the page