With Apple Platform Deployment, Apple aims at simplifying every aspect of the deployment of Apple hardware, operating systems, apps, and services. As the tech giant remains focused on the evolving needs of enterprise IT, it released some brand-new features for the deployment and management of your iPhone, iPad, Mac, and Apple TV devices this week. An overview of what’s new.
Whether your organization has one hundred or ten thousand devices, Apple Platform Deployment is designed to make it easy for your IT team to administer devices, manage their configuration, distribute apps and content, and secure corporate data. In short, it covers every aspect of the deployment of Apple hardware, operating systems, apps, and services.
As Apple remains focused on the changing needs of enterprise IT, it announced a range of enterprise-focused improvements earlier this week. An overview of what’s new can be found below. Please note that these updates are only available for Apple devoices running on the following operating systems iOS 16.4, iPadOS 16.4, macOS 13.3, tvOS 16.4.
1. Cross-site tracking prevention for relaxed domain
Some websites tend to use third-party content providers to track you across websites to advertise products and services. With cross-site tracking prevention, Apple put you back into the driver’s seat by enabling tracking prevention. With this new update, Apple takes it one step further as it introduces cross-site tracking prevention for relaxed domains, meaning you can now manage an exception list. In short, your organization can leave cross-site tracking prevention turned on and benefit from tracking prevention for general browsing, but also allow selected domains to give third party-embedded resources the ability to use cookies.
2. Wi-Fi 6E support
As the 13.9-inch iPad Pro (6th generation), 11-inch iPad Pro (4th generation), MacBook Pro 16-inch (2023) and MacBook Pro 14-inch (2023) support 160MHz channel bandwidth, these devices now brace Wi-Fi 6E.
3. Migration assistant
When looking to migrate and re-enrol managed Mac computers using macOS 13 or later, the Migration Assistant no longer allows the transfer of system, network, and printer settings.
4. Sign in with Apple at Work & School
Sign in with Apple at Work & School now adds support for Managed Apple IDs. This means that you can now sign in with your Managed Apple ID to access apps and websites that support this feature. Administrators, site managers and people managers can control which apps can be used with Sign in with Apple.
5. User enrolment features
With this update, Apple is expanding per-app managed networking capabilities to include DNS proxies and web content filters for devices running on iOS 16 and iPadOS 16.1 or later, enrolled with User Enrolment. This feature ensures that a user’s personal traffic stays separated and won’t be filtered or proxied by the organization. Besides, the Calendar app and Reminder app now support user enrolment.
6. User enrolment single-sign-in for iPhone and iPad
To make the user enrolment flow faster and easier, Apple introduces user enrolment single-sign-on. This new feature reduces the number of sign-ins required during enrolment into MDM by installing an identity app, then using it to handle repeated authentication during and after the process.
7. Platform single-sign-on for macOS
With this new feature, developers can build SSO extensions that extend to the macOS login window, allowing users to synchronize local account credentials with an IdP. The local account password is automatically kept in sync so that cloud and local passwords match.
8. OAuth 2.0 support
Devices running on iOS 16 and iPadOS 16.1 or later now support OAuth 2.0. This means that they allow MDM solutions to implement first-class support for the many IdPs that support OAuth for user authentication.
9. Apple Configurator for iPhone
Administrators, site managers, and device enrolment managers can now add iPhone and iPad devices running on iOS 16 and iPadOS 16.1 or later to their Apple School Manager, Apple Business Manager or Apple Business Essentials organization using Apple configurator for iPhone.
10. Internet requirement in setup assistant
The first time a Mac using macOS 13 or later is set up and connected to a network, it is acknowledged as owned by an organization. As long as the device remains registered to the organization, it requires internet in Setup Assistant mode.
11. Software updates for macOS
Apple now introduces new features that MDM solutions can add to enhance software update management tasks. These include:
- Update priority: Administrators can control the scheduling priority for downloading and preparing the requested update.
- Faster updates: macOS 12.3 or later now offers a new software update path to macOS 13, eliminating the need to run a larger full installer app or authenticate as an administrator.
- Managed update during powernap: In macOS 13, the Mac acknowledges and responds to managed update commands even when asleep or in Powernap mode.
12. Rapid Security Response
Apple is working on a feature that will add a mechanism for shipping security fixes to users more frequently. These will be included in any ensuing minor updates, not in upgrades.
13. Accessory security
Accessory security is a feature designed for macOS to protect businesses from close access attacks with wired accessories. For Macs running on macOS 13 or later, users will be asked to allow new Thunderbolt or USB accessories before being able to use them.
14. Smart card support
For devices running on iOS 16 and iPadOS 16.1 or later, Apple now offers support for PIV Smart Cards and CCID-compliant readers.
15. Declarative Device Management updates
With this update, Apple is now adding the declarative approach to device management for all enrolment types. Please find below an overview of the needed operating system version required for each enrolment type:
- User enrolment: iOS 15 or later, iPadOS 15 or later, macOS 13.
- Device Enrolment: iOS 16, iPadOS 16.1, macOS 13, tvOS 16.
- Automated Device Enrolment: iOS 16, iPadOS 16.1, macOS 13, tvOS 16.
- Shared iPad: iPadOS 16.1.
16. MDM updates
Besides the above-mentioned updates, Apple also introduces tons of MDM payload, restrictions, commands, and queries updates. An overview can be found on the Apple website.