How Apple is improving Mac device management in macOS 13

Companies using MDM solutions to manage fleets of Macs can expect some real software update management improvements when macOS 13 ships this fall.

Apple, MDM, macOS 13, Ventura, enterprise, management

Enterprises that use MDM solutions providers to manage their Macs will see a variety of useful new software update management tools this fall when macOS 13 Ventura ships laster this year.

Here's a look at some of what's coming.

Better fleet management tools

The new tools address many of the needs that have emerged with the shift to remote work over the past two years. One of the biggest of these has been the challenge of ensuring your entire fleet of devices is up to date and to protect against devices being used outside your MDM system.

The enhancements means IT can manage and deploy software updates across Apple devices remotely, rather than relying on end users to install them.

It also puts your tech support in control, given that many business users like to test point releases of system software to ensure the code complies with policy. While it usually does, being in position to manage the software update process helps companies for whom this matters retain control.

What’s new for MDM?

Apple has introduced several new features that MDM providers will be able to make available through their systems when macOS 13 rolls out. These include tools to:

  • Set priority.
  • Initiate software updates when a device is asleep.
  • Improve reporting of system status.

Here's more information pertaining to each of these tools:

Update priority

This lets IT admins assign a new Priority key, which is sent with the ScheduleOSUpdate command, You use this to assign High or Low priority for updates. In use, High Priority is seen as effectively the equivalent of a user requesting the update themselves in Settings. Admins will be able to tell your company's fleet of devices to update their software remotely, and all will do so just as soon as they connect to power.

Initiate software updates

IT admins had a problem: when they tried to remotely update devices in sleep state, they could not do so; the command was rejected and a “not right now” message returned instead. That’s frustrating, as an admin must then either resend the update instruction at a different time or contact the user directly to request that they update their devices. It's not the end of the world, of course, but it is time-consuming.

What’s changed in MacOS 13 is that a Mac will respond to the command — even when asleep or in PowerNap mode. Once it receives that command, it will subsequently install the update when connected to power. If you zoom out and consider all the many tens of thousands of Macs now managed by MDM systems, the time and efficiency released by this enhancement is significant.

Improved reporting tools

Apple has also introduced better reporting tools in macOS. These provide IT with console level insight into important items, such as the status of software updates, how often users have deferred updating their systems, when the next installation attempt is scheduled and a list of the exact dates and times when update notifications were previously posted to a user.

Apple continues to consider enterprise tech

There are several additional changes in management of remote Macs, including a new Automated Device Enrollment feature that means Macs must check in with the MDM solution to receive its initial setup instructions.

[Also read: How (and why) Openreach deployed 30,000 iPhones to its engineers]

It was once possible to bypass this. But Apple has tightened up its system so when a registered Mac is first connected to a network, it is acknowledge as being owned by the organization that registered it.

Apple has also improved Migration Assistant to better secure endpoints. Migration Assistant makes it easy to move between Macs by automatically taking user data, apps, and device configurations from one computer to the other. However, starting in macOS 13, Macs enrolled in an MDM solution will not transfer System, Network or Printer Settings using Migration Assistant. This helps ensure every new Mac is properly enrolled into the MDM system, and that any system, network, or printer settings are compliant.

These enhancements join a range of additional improvements Apple has made and continues to make as it works to meet the evolving need of its enterprise customers. These include tools such as Rapid Security Response to force installation of vital security patches, Managed Device Attestation, useful enhancements to Apple Business Essentials, USB Restricted Mode, enhancements to single sign-on, password replacement and many more improvements.

The company also recently reached a deal with T-Mobile under which the carrier can offer Business Essentials to US SMBs.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Copyright © 2022 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon