Earlier this year in June, Apple announced a fresh set of updates to Apple device management mainly focused on improving device security and elevating the device user’s experience. These enhancements and new features are now here and you can leverage them through ManageEngine Endpoint Central to manage your enterprise devices better and deliver the best device experience to your employees.
Fortify security with:
-
Device verification. By leveraging Apple’s Device Attestation through ManageEngine Endpoint Central, you can view the devices that pass Attestation along with those that don’t. This enables you to find devices that could compromise your organization’s data security and make sure their access to corporate resources is restricted by executing a factory reset on them and revoking management.
-
Unauthorized access prevention. Allow or restrict iOS and macOS users from installing configuration profiles and certificates on their device. You can also decide if macOS devices can allow new USB connections without authorization when they are locked. Choosing to keep these configurations restricted will prevent users from installing malicious payloads on their work device or enabling unauthorized connections.
-
Improved network security. Remotely configure firewalls on macOS devices to keep cyberthreats at bay. In addition to this, you can integrate the Automated Certificate Management Environment (ACME) server with Endpoint Central to manage certificates on employee devices. With this integration, you can create certificates and install them on devices that pass Apple’s Device Attestation to ensure access to corporate resources is provided only to trusted devices.
Enrich usability with:
-
Added enrollment capability. You can now enroll iOS, iPadOS, and macOS devices using an iOS device that has the Apple Configurator for iPhone app on it, enabling you to add these devices to Apple Business Manager and benefit from device Supervision.
-
Easier iPad login. Shared iPads can have the managed domain appear as a suggestion during login to give users an easier login experience. You can also monitor the assigned managed Apple ID domain for each device and set the period for which a user can log in to a device without an internet connection.
-
Granular settings management. You can now also manage the Accessibility Settings on managed devices without user intervention to provide users with the best device experience. Moreover, you can configure devices to skip the Terms of Address pane during initial setup, enabling your employees to access their work iPhones and Mac devices much quicker.
-
Remote eSIM management. Distribute eSIMs and have devices automatically activate the eSIM. Also, prevent users from modifying the provisioned data plan or deleting the eSIM from the device through a data wipe or device reset.
Enable smooth update distribution by:
- Testing. Distribute the update only to your test devices first and ensure critical devices, legacy apps, and enterprise apps function properly with these test devices. New updates can be delayed on other devices until testing is complete.
-
Scheduling. Once tested, distribute the update to enterprise devices in batches outside of work hours to ensure devices are accessible during work hours should any unforeseen issues arise post update.
A few points to note
-
Apple previously announced the deprecation of System Preferences. However, this feature is still available to be managed.
-
Apps that are running background processes appear in the Login Items on Macs running macOS Ventura. You can restrict users from disabling background processes from this menu to ensure important apps and processes aren’t interrupted.
Try ManageEngine Endpoint Central free for 30 days and benefit from enhanced Apple device management.