By now version 4 of iOS has been out for a while, and depending on where you live in the world a launch of the iPhone 4 may have happened or be imminent. (My guess is that when it launches where I live, come 30th July, there will be waiting lists to actually get one.) But the software iOS4 has been around as an available upgrade for current iPhone/iPod users for a couple of weeks, and if you have a 3GS you can enjoy almost all the features anyways.
What didn’t see public release at the same time though was iPhone Configuration Utility, iPCU for short, but last week this was released in a new version as well going from 2.2 to 3.0. (I blame a holiday trip of mine for not noticing until now…) This is the tool for doing basic configuration on a per-device basis. Some might call this MDM light – I call it very light, but fair enough. It also serves as the tool for generating profiles you can use if you happen to have an iPhone provisioning server configured, and in such a scenario enabling at least the policy aspect of MDM. Download here: http://support.apple.com/kb/DL926
So what’s new this time? Well, there’s the obvious one like configuring multiple Exchange accounts. There’s the ability to restrict use of FaceTime, the revolutionizing video camera functionality. (All hail Steve Jobs for inventing amazing technology…actually don’t even get me started on the whole video calling thing…)
And a new payload type called…drum roll… Mobile Device Management!
Not many interesting things here by itself, this is just setting up the connection to an MDM server…wait a minute? MDM of the iPhone? Well, not all details are known, but Apple have announced that they are allowing access for three MDM vendors, (Sybase, AirWatch and MobileIron), to do things previously only accessible by Apple themselves. I’ve signed up for the beta of Afaria’s support, and haven’t tested any of these solutions yet, but it looks more promising than what we’ve seen so far. For instance remote wipe without Exchange ActiveSync, and the ability to detect if a device has been jailbreaked (and then possibly prevent it from syncing PIM data).
As far as I know there is also an MDM API available for developers, if your company happens to have more than 500 employees. So maybe the configuration options also apply to in-house MDM solutions. (Note: you can only grant access to company-owned devices if you code your own MDM. You may not develop your own and re-sell it as a hosted service or anything similar. Only the approved MDM vendors may do that.)
Also available in iPCU, and from MDM platforms is the ability to add applications to a device without going through the AppStore. There is a procedure for getting your application signed by Apple, and possibly they do some technical review too, but it’s still far better than the current app distribution engine if you are an enterprise user.
I’m still not saying the iPhone is the perfect enterprise device, and even as a regular user there are things I’d like to see implemented differently. But if you compare to the other hot name of the day; the Android, it’s ahead in this department. With my HTC Hero there’s still not a properly implemented ActiveSync client (it’s updated to Android 2.1 and not using the OS native client that will arrive in 2.2 – which the Hero most likely never will see as an available upgrade). If they keep this up I see no reason to complain though.