iOS 5 is finally here! Pack your sleeping bags, and get ready to stand in line around the block of your neighborhood Apple Store. (We don’t have any where I live so I’ll just wait it out…)
Ok, it’s not shocking really given that it has been around in various betas for months, and this is the season for launching new iGadgets. (Technically iOS 5 was soft launched when the first beta arrived, but RTM is after all the hard launch.)
I blogged a two-part post back then where I made speculations as to what iOS 5 would bring for the enterprise:
iOS 5 – Anything In It For The Enterprise?
iOS 5 – Anything In It For The Enterprise? (Part 2)
Granted some of the items listed were more wish list type of items than fact-based, whereas others were more likely to actually surface. So, with the OS finally launched – what is the status? Let’s break it down:
No need for iTunes
This one came through in the beta (#3 I think it was?). You can setup a new iPhone/iPad without installing iTunes or tethering the device to your computer. You can do Over-the-Air OS updates, and you can backup/restore the entire device to the iCloud.
S/MIME & Exchange ActiveSync
S/MIME support is present for ActiveSync, and if you’re into this type of thing it’s obviously an improvement. Still only EAS protocol version 14.0 though.
There is also an enterprise relevant configuration setting for both ActiveSync and “regular” mail:
– Preventing moving/forwarding/replying mail items between different mail accounts. This is not to be confused with Information Restrictions Management (IRM) provided by Exchange 2010, but serves similar purposes.
Configuration Settings / Restrictions
There are a couple of new configuration settings / restrictions (pick the word you like best) it admins can push out to their users:
– Forcing iTunes password entry for each transaction.
– Disallowing SSL connections when the root certificate isn’t trusted (and the end-user cannot override this by saying “Sure, I trust this CA”).
– Disabling iCloud backup.
– Disabling iCloud document synchronization.
– Disabling iCloud Key/Value synchronization.
– Disabling Photo Stream.
– Disabling Siri (no personal assistant for you!)
– Enabling/disabling auto-join of wireless networks.
– Encryption type settings for wireless networks.
– Proxy settings for wireless networks.
A nifty feature that can be applied to ActiveSync, Wireless, and VPN is that you can configure the SCEP-enrolled client certificate to also be used as the client certificate pairing up with the credentials of the connection. So, if you want to make sure only company-enrolled iPhones are allowed to sync regardless of username/password you can make this work. This would obviously require your network infrastructure in general to be configured to use client certificates mind you. (And keep in mind that SCEP certificates are for identifying the device, not the user. With some clever engineering you can control the common name of this certificate so you can match up the two identities.)
MDM solutions are now able to distribute apps from the App Store, and not just in-house apps. You can apply voucher codes to these as well, so instead of having all users handing over 10$ through their personal Visa card the company can purchase 1000$ worth of coupons for the app provided the app developer has adapted their app accordingly.
Apps installed by the enterprise can also be removed, along with the data belonging to it. (And as you can prevent backup of the application data this should in theory mean your data is under your control.)
As for the rest of my bets/hopes? There might be features I’m not aware of and missed out on. And if not there will of course most be likely an iOS 6 at some later point in time providing even more features
Yes, I’m still missing features, but with Android not really getting any enterprise love from Google, and Windows Phone in a kind of limbo at least Apple is putting in an effort. And from a company claiming to be all about consumers that’s not bad. (I do love my Windows Phone Mango mind you, and if Microsoft can just get the enterprise bits right…who knows?)
Server-based iPhone Configuration Utility
While not an iOS 5 feature as such, as it is provided in the already launched OS X Lion Server, Apple now has a sort of MDM light solution. (Which will likely see an update soon after the release of iOS 5 to account for new settings.) Instead of using iPCU and connect devices via USB you can push out settings from your Lion Server.
For more details check out Anandtech’s review:
In-Depth with Mac OS X Lion Server
Simplified Airport configuration
While not an “enterprise” feature I’m sure there are an IT Pro or two out there who have had to configure wireless routers and access points. (Not just the expensive enterprise-grade stuff, but also consumer-grade equipment.) While the configurations are often web-based affairs this is not the case with Apple’s Airport Extreme which requires you to install dedicated software. If you plug in a fresh Airport and enable WiFi on your iPad, (and presumably iPhone as well although I haven’t tested it), you’ll be notified that an Airport is nearby and asked if you would like to configure it. There’s apparently a “secret” app which will handle this for you.
I just had to name the network and define a password – it just magically configured the rest of the settings. I had to tweak some settings afterwards to get it just the way I wanted it, but if you just want to setup a wireless network on the go really quick I can recommend this for enterprise users as well, even though it might be slightly out of the scope indicated by the title of this article
As usual there’s probably things I have missed or not covered, but I felt it only natural to try to finalize my previous rants.
Disclaimer: I have not tested all these features yet.
As a side note: While I appreciate that the iOS developer site is already offering the GM seed it was quite surprising that Microsoft landed their Mango build on my Windows Phone last week beating Apple’s launch cycle. (I wouldn’t be surprised if someone in Redmond worked overtime to make it.) Now I have two new mobile operating systems to get friendly with all at the same time