My usual presentation style is that I find something I believe is of interest to the MDM/Enterprise crowd, then I test it & verify it working, and present it to you either as a textual description, some screenshots or both. Today, it’s not so much tried and tested – actually you could say I’m moving into the speculation department.
I just upgraded my iPad to iOS 5 Beta 1 and gave a small rant about it:
Since then I’ve upgraded to Beta 2, and I’ve looked through the menus of the device for relevant stuff. Now, Apple are a funny bunch of course, on their developer site they have a section for the pre-release stuff and some documentation. But the docs are mainly on new APIs and major changes. “Small” things like MDM and policies aren’t documented yet (only for iOS 4). So, I thought that, hey let’s just try to build some new .mobileconfig files and have a guess at what the settings should be. Turns out it’s not that easy…
I do not know if it’s me taking the wrong guesses, (on account of doing just that), or if it hasn’t been activated yet. Since it’s a beta it is of course perfectly possible that some things are left out. So, I kind of gave up trying to document it – after all we can except to see official docs in a couple of months. As I said in the intro this kind of breaks my usual style, but if you’re relying on what Apple releases publicly you’ll never get a leg up on the average user so my justification is that it might provide some helpful pre-release knowledge nonetheless. What I will do though is point out a few things I consider candidates for enterprise control in no particular order.
I’d say Apple is late to the cloud game, but they had to think up an i-name for it first (must have spent a lot of time and money landing it). Steve Jobs was excited to present this at WWDC, and I agree it is a nice feature. Since Google and Microsoft are doing similar things in their mobile operating systems Apple really had no choice either. (They have plenty of cash on their hands to build a couple of clouds so I don’t think it out of fear of not affording it.)
Since not all companies are equally happy to see their data being uploaded to a random datacenter I would certainly expect there to be some settings related to this. Whether it’s a binary switch just controlling enable/disable or you actually get the ability to provision an Apple ID for it I do not know. Gotta be something related to the cloud in one form or another.
Restrictions are easy to control today – either through an MDM solution or iPhone Configuration Utility. I take it for granted that new restrictions will be configurable. (I don’t consider this mere speculation.)
Any interesting new restrictions? How about disabling deletion of apps? With this configured the user will not be able to remove installed apps. In the UI it’s an on/off slider, but with MDM maybe you can specify on a more granular level which apps aren’t ok to remove?
You can currently block your users from accessing the iTunes Music Store. Could it be that you can disable iTunes in general now that you can do both activation and OS upgrades over-the-air? I know a lot of people would love to block that pesky iTunes desktop application.
On the desktop side you don’t necessarily allow users to upgrade their OS and apply Service Packs on their own volition. It would make sense if you were able to block iOS updates until IT had a chance to test and approve it. Looking at it from a user perspective I fear that some IT departments will hold back on the updates and have their users frustrated that they can’t use flashy new features their friends got access to three months ago. And if the user is unhappy it’s not a good thing for the karma of Apple either. So I’m guessing 50-50 on the odds of this being a candidate for enterprise control.
As it stands now you can be “clever” when it comes to installing apps. You can install apps on your iPhone and have these automatically installed on your iPad as well. (All done through the iCloud.) Either the block installation restriction would need to disable this ability, or you would need to be able to configure this separately. If I was implementing it I’d make the Automatic Download dependent on the install restriction, but let’s just see how it works out.
So, Microsoft announces that Twitter will be deeply integrated into Windows Phone 7 codename Mango. Well, Apple can’t do less and is also integrating Twitter into iOS 5.
For some reason it’s not pre-installed as such – there’s a menu setting for installing Twitter. It’s nice to have the option to skip it if you don’t want it cluttering the home screen, and maybe this is the reasoning behind at this stage .
This could possibly be blocked if your device is under company control. (Either through a separate Twitter-block or blocking of the App Store in general.)
This is more of a wild card really. But with Music and Video you can configure “Home Sharing” (AirPlay I assume) – could this possibly be disabled? I’m really not sure as I don’t see a big security risk or anything since it’s related to those two media types only, but maybe some administrators want to control this as well? Could be that this is just one of the features in the OS that is present whether the company likes it or not. How fun would it be to buy a 500$ AirPlay ready stereo and find that your company does not approve of your choice of HiFi equipment. (Could you even imagine iPhones not being able to play back music?)
Apple Configuration Utility
Many of us have tinkered with the iPhone Configuration Utility. It’s a nice little utility, but has primarily been a single user tool. For doing bulk configurations you are better off using an MDM solution. Apparently there is a multi-user version of this utility in the works. Not sure how it works, (I haven’t seen the UI), but supposedly you can push profiles and use it for company-owned devices. Wireless/iCloud/OTA/something so you don’t have to tether the devices. Probably not as extensive as a full MDM solution, but it might make sense for smaller companies where the company is interested in buying phones and pads for their employees without investing thousands of dollars for a management solution. Hopefully we’ll know more when OSX Lion is available since the little I have seen indicate this would be where to look in the beginning. (I haven’t tested the beta releases of OSX, but I’ll probably do an upgrade to the final release.)
I have also been informed that there will be new features related to distributing apps and managing them. Unfortunately I have no details to share, but there will most likely be something of interest to enterprises.
The Apple Push Notification Service which you would use for instance for issuing a remote wipe for your iPhone/iPad has according to the docs synced up with Push Notifications for OSX. I have no idea if this means anything new on the device side, or if it just introduces a push concept on the desktop side. Wouldn’t really be considered an enterprise feature either for that matter.
As for other new enterprise features I do not know yet. The features above are more or less educated guesses. Some less educated than others mind you. I’m optimistic however as Apple has shown an increasing willingness to make their iDevices enterprise friendly. Rest assured that I’ll be keeping an eye on upcoming betas, and upgrade to RTM and test once that becomes available
Please share any thoughts you might have on this in the comment field, or by pinging me.
Am I completely off? Have I missed anything vital? Am I just plain wrong? Or am I onto something? Do you even like these kind of rants, or prefer the hard facts type of posts?