iOS 7 brings radical change to the iPhone and iPad, but the new features in store for the enterprise are going to fix a number of pain points we've been feeling since the introduction of Exchange support. From individual app licensing to improved security, this OS refresh due this fall looks to cement an already strong position in the enterprise landscape.
Streamline Your Device Deployment If you’ve ever set up a new iPhone or iPad, you know there are a couple of tasks required right out of the box. While these steps are not necessarily difficult, they need to be completed before mobile device management (MDM) can be installed and the device can auto-configure things like corporate email and network connection settings. Most corporate IT groups were left with the choice of either walking new users through the set up of their devices in person, or deploying a list of instructions to configure them on their own.
On iOS 7, IT now has the ability to have corporate-issued devices auto-enroll in MDM during the activation process, which means users can get up-and-running faster with fewer steps to configure settings on their own. This is particularly good news for any IT director who’s had to deploy a device refresh to thousands of employees.
Managed Open In The ability to manage enterprise app installs and perform partial data deletion from MDM solutions has been available since iOS 5, but it didn’t really address situations where users might open corporate documents sent as email attachments in non-supported apps. To put it another way, IT had no visibility into whether corporate data resided on a user’s device unless it was strictly managed by the user in an app supported by corporate IT. The only option to ensure a device was clean of corporate data in the event of employee termination or a lost/stolen device was to completely erase the device and return it to factory settings. This opens an ethical question regarding corporate’s right to perform complete data wipes if the device holds any amount of the employee’s personal data, especially if the device belongs to the employee and is part of a BYOD (bring-your-own-device) program.
Well in iOS 7, Apple brings “Open In…” management to the IT department’s device management arsenal which protects corporate data on the device by ensuring attachments and files are only openable in corporate-supported, whitelisted apps. This works with email attachments by monitoring the files attached to messages in the corporate-controlled email account and limiting the available apps the display in the “Open in…” dialog box. It also manages the reverse case to help prevent personal documents from being opened in corporate-managed apps. This filter goes a long way to keeping enterprise and personal data separate, which should put IT directors at ease when it comes time to remote wipe a user’s device.
Selective VPN The best way to secure corporate data and keep it away from prying eyes is to route all traffic through the corporate network. Behind that firewall, IT has the power to monitor, route, and segregate data to make sure company assets stay safe and unauthorized requests get squashed. When you’re outside the company’s network reach, VPN is the way to turn your hotel room into a remote office, by creating a secure connection to the company network.
This is fine for work-issued PCs, but mobile devices like iPhone and iPads tend to be used for more personal interactions. For this reason, IT doesn’t necessarily want or need to route the entirety of the device data through the corporate network. In some cases, apps may stop working completely if the network connection requires special proxy authentication settings. In iOS 7, IT can configure VPN connections on a per-app basis, so only the corporate-managed apps — the ones that benefit most from a secure connection — get routed through the company network.
App Licensing for the Enterprise Before iOS 7, an app issued to a user was tied directly to her iTunes account — even if it was purchased by the organization. That meant that an employee leaving the company took her apps with her and replacement licenses had to be purchased for new employees entering the organization. In iOS 7, apps purchased through the Volume Purchase Program can be managed by the organization, so employers can assign apps to employees while retaining full ownership and control of the license for that app — for both the iOS and Mac App Stores.
In Closing In addition to the enhancements mentioned here, Apple has expanded the APIs available to MDM vendors, which means IT will have even more configuration capabilities. For details on what lies in store, you should get in touch with your MDM vendor to see what to expect and when. For more information on the other treats Apple brings in iOS 7, check out their iOS 7 feature overview page. If past releases and adoption rates are any indication of what to expect when iOS 7 comes out later this year, expect a quick migration from iOS 6 to 7 and be ready to support the new OS early.