Apple recently released OS updates for iPhones, Macs, and Apple TVs. With these releases, Apple’s main focus has been on improving data security and providing device management solutions greater control over managed devices. Let’s take a closer look at the features that were released with iOS 12, macOS 10.14 (Mojave), and tvOS 12.
What’s new with iOS 12?
Prior to iOS 12, Apple allowed mobile device management (MDM) solutions to restrict unmanaged apps from accessing data present in managed apps, which could include documents, media, emails, and contacts. While this is an important requirement in most organizations, this restriction also put admins in a fix, as it prevented users from storing managed contacts in their device’s personal space. With iOS 12, admins can now configure contacts to be accessed by unmanaged apps and allow those contacts to be stored in users’ personal accounts.
Another feature, one that was released in iOS 11.3, aimed to prevent unauthorized access to mobile devices that are connected to other devices through USB. This feature, commonly known as USB restricted mode, prevents any form of data transfer between connected devices if the mobile device hasn’t been unlocked for over an hour. It also prevents mobile devices from charging, unless directly connected to a power source.
USB restricted mode is enabled in mobile devices by default if they’re running iOS 11.3 or above. With iOS 12, admins can now choose to disable USB restricted mode or let each managed user decide. This is important for businesses that used mobile devices for point of sale, as these devices are connected to other devices most of the time.
Apple has also made improvements for accessing Microsoft Exchange. When an Exchange Online account is configured on a device using an MDM solution, the user is prompted to enter their password to log in to the account. This password is entered into the mail client, which in turn contacts the Exchange server to authenticate that user.
With iOS 12, MDM solutions can now configure OAuth for Exchange Online. Using OAuth, the user will be redirected to a system browser called Safari View Controller (SVFC) to enter their passwords. This ensures that the mail client cannot access the user’s credentials.
Apple also stopped trusting certificates from the certificate authorities (CAs) Symantec and Federal Common Policy in iOS 12. If you’re using certificates generated by either of these CAs, you should consider switching to certificates issued by other third-party CAs. For more information, refer to this document.
What’s new with Mojave and tvOS 12?
With the release of Mojave, Apple has given MDM solutions greater remote control capabilities. Now admins can remotely shut down or reboot their managed Mac machines, as well as display a message on the screens of remotely locked Macs. Also, admins can now approve and distribute apps for Apple TVs using their existing Apple Business Manager or Apple School Manager accounts.
Mobile Device Manager Plus, our MDM solution, has offered day-one support for the features mentioned above, as well as all the other features included in these releases. For more information about the features released with iOS 12, refer to this document. If you haven’t given Mobile Device Manager Plus a try, download it now to try all of its features free for 30 days.