(Last updated Tuesday, June 4.)
The Apple WWDC 2019 keynote ended just a few hours ago, and as it turns out, there was a lot of news for the enterprise, especially around identity management and BYOD, just like we were hoping for!
For now, here’s our preliminary list of enterprise features. There may be updates—we still have to wait for the full documentation to arrive (check these links here), and the official WWDC session on device management isn’t until Friday.
(Special thanks to Aaron Freimark and all the other folks over at the Mobile Pros Slack group for sharing all their finds after the keynote.)
BYOD and enterprise identity
The iOS 13 Preview page lists the following enterprise features:
- “Data separation for Bring Your Own Device
A new form of management called User Enrollment, built specifically for Bring Your Own Device, maintains user privacy while keeping corporate data protected.
- Modern authentication for device enrollment
Deliver custom content during Automated Device Enrollment to enhance security and show users tailored information.
- Managed Apple IDs for business
Create and manage Apple IDs used by employees, giving them access to services like iCloud Drive and iCloud Notes.
- Single sign‑on extension
APIs for identity providers and app developers enable users to seamlessly log in to apps and websites using the security of Face ID and Touch ID.”
As you can imagine, these are all very exciting. I’ve been on a soapbox about how MDM needs to get better for BYOD for years, and Device Enrollment authentication has been a big topic recently. It sounds like some of our long-time requests have finally been answered. But again, I have to caution that it’s early and we don’t have all the details.
(Update, Tuesday June 4): Via the Mac Admins Podcast WWDC episode, I learned about a great new page at developer.apple.com/documentation/devicemanagement. This lists all the profiles, commands, and queries, and when you click through, you can see which ones are included in each type of MDM, include the new User Enrollment mode for iOS. We’ll have to comb through all of it, but this should give a better picture of what this means for BYOD.
There are plenty more iOS 13 features that will help enterprise users. (See the iOS 13 Preview page for more.):
- Add attachments to calendar events
- Block sender and mute threads in mail
- More text formatting options in Mail
- Silence unknown calls
- Wi-Fi selection in Control Center
- iMessage and Simultaneous calls on dual SIM
- Weak password warnings
- Optimized battery charging (especially important for iPad-based kiosks)
- Download large apps over cellular
From the iOS and iPadOS 13 beta release notes, we learned that enterprise iCloud Drive and enterprise Notes are coming.
There’s new language around “MDM apps” in the updated App Store Review Guidelines. Apple mentions that “MDM apps must request the mobile device management capability.” This is different from what we’re used to seeing, because Apple’s MDM protocol doesn’t actually require an agent app.
iOS 13 will drop support for iPhone 5S and 6. Dropping support for the 5S is not surprising (it had a great run of six years and OS versions, from iOS 7 to 12) but some will be disappointed to not see the iPhone 6 get that many years (it got five years of support, from iOS 8 to iOS 12). Still, I stand by my assertion that iOS lifecycle management is the mobile standard to beat.
On a related note, in case you missed it, Apple announced a new iPod touch last week. This will be great for retail, healthcare, and industrial use cases, such as barcode scanning and point-of-sale terminals. It’s pin-compatible the iPhone 5 and iPhone SE, so customers can swap out devices and keep the same scanning sleds and battery cases.
iOS for the iPad has a separate name now—iPadOS.
There are a ton of new multitasking and productivity options. Will it be enough to convert more users from laptops to iPads? We’ve already been seeing a big wave in the last year or two, and this will surely help more. On the other hand, the iPad naysayers aren’t going away, either. There’s a lot in here, so iPad users, have fun!
- Among the more interesting announcements, iPadOS will support external storage devices via USB and on SD cards, plus the Files app will support access to SMB file servers.
- iPadOS 13 will support iPad Air 2 and later, iPad Pros, iPad 5th generation and later, and iPad mini 4 and later.
- Plus there’s mouse support (via Assistive Touch)!
You can find more in the iPadOS Preview.
tvOS will support multiple users. Unfortunately, still no word about bringing multi-user iPad—currently education-only—to the enterprise.
watchOS 6 will support freestanding apps (i.e., without a companion iPhone app) and direct access to the App Store. There are certainly developers and enterprises thinking of use cases for this somewhere out there.
So far, there’s no word of the Apple Watch going completely iPhone-free, though, so I imagine that Apple Watch MDM will continue to take place through a paired iPhone.
macOS 10.15 Catalina
Here are some highlights from the big list:
- macOS will sync iOS devices from Finder, instead of from iTunes. iTunes itself has been broken up into Music, Podcast, and TV apps. (No word about what Windows users will do, yet.
- The new “Find My” app can locate offline Macs, which will report their location to nearby Apple devices via Bluetooth beacons.
- Macs with the T2 chip will support Activation Lock.
- Third-party developers can bring iPad apps to the Mac with Project Catalyst.
- With Sidecar, an iPad can act as an external display for macOS. (I’m going to love this for working from home and on the road.)
- There’s a new “endpoint security” framework and API.
- macOS apps must be notarized to run on Catalina. This is one we’ve known about for a while, but now’s the time for it to go into place.
Apple and consumer identity management
Apple is creating a social identity provider, called Sign in with Apple. You know how you can use Facebook and Google to sign into a bunch of consumer apps? This is the same thing, except Apple is the identity provider. It works with Face ID and Touch ID, and can provide “private email relay” so that websites and apps don’t get to see your real email address, along with other anti-fraud features.
This isn’t necessarily an enterprise thing, but it shows how much Apple has advanced its strategy around identity management.
Xcode 11 and Swift UI
I’m not a developer, but the demos of all the new app building tools looked amazing. It would be hard not to think that this would tilt some customers away from third-party low-code app platforms over to doing native iOS apps in Swift and SwiftUI, if they’re targeting an all-Apple deployment.
Watch for more
I’ll update this as we learn more throughout the week. If you see anything interesting as you’re going through sessions this week, comment below or hit me up on Twitter.