apple, innovation

whole new iOS13 with more privacy in enterprise

tim cook recently spoke about user data and privacy, while criticizing technology companies, like google or facebook

iOS is enterprise’s first choice for mobile activity, egnyte‘s enterprise insight showed a clear weighting and content is getting more more mobile

How-Businesses-Work-in_employees-840x1087

the biggest change since iOS5 introduced supervised devices and open-in management debuted in iOS7

iOS 13 will available in fall 2019 – since google is pushing hard with android enterprise to fit business needs, with it’s buildin containerization based on samsung’s KNOX – iOS 13 provide more granular security and better privacy restriction

enrollment methods

there are already rolled out thousands of iOS devices with either manually installing a mdm profile (uamdm) or centralized with device enrollment program (dep) to get the device under control of a unified endpoint management (uem) – additionally you can enable your iOS device as supervised either while dep enrolled or via apple configurator connected to a mac

newly added – user enrollment – previously an administrator of a managed device was able to retrieve the installed apps, remove the passcode or wipe the entire device – at least the privacy controls of the registered uem prohibit this features to individuals – with user enrollment there are huge improvements to the users privacy

  • user needs to login with managed apple id
  • uem unable to retrieve device information like IMEI, serial or mac address
  • private apps aren’t reported to uem
  • no control about device passcode or to wipe the entire device
  • still the configuration of wifi, vpn or exchange accounts will available
  • other existing restrictions reserved for supervised devices, see listing below

restriction changes

  • allowSafari, available since iOS 4, require supervised device as of iOS 13
  • allowVideoConferencing, available since iOS 4, require supervised device as of iOS 13
  • allowWiFiPowerModification, available for supervised iOS 13 devices
  • safariAllowAutoFill, available since iOS 4, require supervised device as of iOS 13
  • allowAddingGameCenterFriends, available since iOS 4.2.1, require supervised device as of iOS 13
  • allowAppInstallation, available since iOS 4, require supervised device as of iOS 13
  • allowCamera, available since iOS 4, require supervised device as of iOS 13
  • allowCloudBackup, available since iOS 5, require supervised device as of iOS 13
  • allowCloudDocumentSync, available since iOS 5, require supervised device as of iOS 13
  • allowCloudKeychainSync, available since iOS 7, require supervised device as of iOS 13
  • allowContinuousPathKeyboard, available for supervised iOS 13 devices
  • allowExplicitContent, available since iOS 4, require supervised device as of iOS 13
  • allowFindMyDevice, available for supervised iOS 13 devices
  • allowFindMyFriends, available for supervised iOS 13 devices
  • allowiTunes, available since iOS 4, require supervised device as of iOS 13
  • allowMultiplayerGaming, available since iOS 4.1, require supervised device as of iOS 13

read a full list of apple’s device management restrictions here

Sign in with Apple vs. managed Apple ID

while sign in with apple is the approach to to compete with google or facebook as a identity provider (idp) for external services, for business on the other hand managed Apple IDs were so far to manage functions of Apple Business Manager, since WWDC 2019 it’s necessary to register with user  enrollment, enterprise create additional account’s for byod user to add to their device, keeps data completely separated between both accounts, hopefully compared to now:

iPadOS

along with iOS13 apple separate to path between iPhone and iPad with a standalone OS, finally iPadOS can provide more feature to the tablet, a classic desktop replacement could possible – view the demo below

stay tuned for final release around mid-september with likely new 2019 iPhone


apple, google, innovation, microsoft, technology

unified endpoint management

today’s employees use at least two or more devices to do daily work on various os at different versions – it is time for a new class of tools – unified endpoint management (uem) combine the management of multiple endpoint types in a single console

evolution

from pc configuration lifecycle management (pcclm) via client management tools (cmt) to unified endpoint management (uem) – companies listed in the client management tools magic quadrant already transformed, other a overruled

content

emm

while enterprise mobility management (emm) is highly competitive and rapidly transforming — for instance, good technology, which was in gartner’s magic quadrant in 2015, was acquired by blackberry, airwatch was acquired by vmware in 2014 – emm contains of:

  • mobile device management (mdm)
  • mobile application management (mam)
  • mobile identity (mi)
  • mobile content management (mcm)

uem combine cmt + emm + iot

benefit

  1. reduce it management cost – a single tool
  2. improved security – get the best of both
  3. better insights – reporting
  4. prepared – enterprise of things

gartner

magic quadrant reports the ability to execute and completeness of vision for vendors – read full report here

Magic Quadrant for Unified Endpoint Management Tools

tco

according to gartner research, the annual tco of a fully managed smartphone using emm is almost
80% lower than the annual tco of a fully managed desktop using cmt

@mobileiron