iOS 13: Apple's big BYOD improvements help enterprise pros

Apple is making it much easier to protect personal and business data in iOS 13 and iPadOS.

Apple, iOS, macOS, iPadOS, Business Manager, Apple, enterprise, enterprise IT, iOS 13
SolarSeven / Getty Images

Apple may place much of its focus on Apple Arcade and consumer-friendly iPad/iPhone features, but there are numerous enterprise-focused enhancements wrapped up inside iOS 13.

The BYOD enterprise

The company’s latest operating systems introduce a host of productivity-enhancing upgrades, particularly for the iPad.

Yet the biggest improvements specifically for enterprise users aim to make a more robust division between personal and enterprise data for Bring Your Own Device (BYOD) deployments, solving one of the big challenges in the space.

Speaking at an industry event, Susan Prescott, vice president of product marketing for enterprise and education noted (video) that much of Apple’s success in BYOD was generated by acceptance of iPads by business users, not just the evolution of the iPhone.

This focus on BYOD has paid off. Over 75% of employees will choose an Apple option if given the choice, while large-scale deployments such as the 300,000+ Apple solutions in use at IBM underline that its solutions are enterprise-ready.

Apple has kept this in mind in iOS 13/iPadOS, in which it has introduced a new mobile device managemnt (MDM) mode it calls User Enrollment. This works to preserve user privacy on iPhones, iPads and Macs by allowing enterprise IT to protect its own data while also protecting personal information. (This is designed for use alongside additional enhancements including Managed Apple IDs and Apple Business Manager).

Apple says that User Enrollment keeps managed accounts, apps and data cryptographically separated from the rest of the device on a separate APFS volume.

Managed Apple IDs

IT support can also provide Managed Apple IDs for employees in iOS 13. Enterprises can use these to deliver access to Notes and other iCloud services for business-related tasks. You can create these in Apple’s own MDM solution, Apple Business Manager and Apple Schools Manager.

These are federated with Microsoft Azure Active Directory, which enables users to sign-in with the same work email and password they use already for other corporate services.

One significant feature is that in the event an employee has already used a work email to create a personal Apple ID, Business Manager can find that ID and take it over through a new permission-based process as detailed here.

Apple Business Manager is now available in 69 countries, with the addition of China, Thailand, Vietnam and Saudi Arabia in iOS 13.

[Also read: WWDC: 12 big announcements for enterprise users]

IT teams can use these tools to deliver custom content during Automated Device Enrolment to users containing tailored information. This also means companies can add authentication methods backed by cloud identity providers to improve security before deploying a device to an end-users.

Securing the sign-in process

Apple has also created a private, robust Single Sign-in solution for enterprise users. This builds on the company's consumer-facing Sign in with Apple and lets companies create enterprise-specific authorization systems using Apple’s newly provided authorization APIs.

The idea is to make it possible for enterprises to protect their systems and data with Face ID and Touch ID. This is supplemented with a first-party Kerberos extension that enables seamless authentication to websites and applications in Active Directory environments.

Strengthening customer connections

Apple continues to iterate its Business Chat solution.

The new iOS 13 and iPadOS introduces Business Chat Suggests, a new feature that will offer customers the chance to send an iMessage to a company rather than make a call.

It works like this:

  • A consumer taps the company number on a website, search result or Map.
  • A message appears on the iOS device offering to start a Messages conversation.

Sprint, T-Mobile, Vodafone, TD Ameritrade and Home Depot are offering the new reminders feature.

Apple has a smattering of other enterprise-focused solutions, not least AppleCare for the Enterprise, which enables use of that service by enterprises with larger fleets.

It also offers an Apple Financial Services offer for enterprise users that provides business-personalized, flexible, financing deals to keep a company’s deployments under control.

Also read: 13+ things to try first when you upgrade to iOS 13

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Copyright © 2019 IDG Communications, Inc.

9 steps to lock down corporate browsers
  
Shop Tech Products at Amazon