How to prepare your Mac deployments for Big Sur

Mac-centric enterprises must now double-check their preparedness for the installation of the next iteration of macOS, Big Sur. It’s release is now imminent as Apple prepares for what is expected to be a Mac-focused special event Nov. 10.

Test and check

For larger Mac deployments, the release of the new (and free) operating system is likely to be a little more challenging than is customary, given so many are now working from home using Macs deployed early on in the crisis. Remote workers will need guidance concerning the upgrade.

It is also essential your company ensures data is securely backed up in line with any prevailing security or regulatory compliance, and that essential applications, particularly proprietary apps, will support the new OS on release. Taking these steps now is important to protect business continuity and ensure no unnecessary spike in IT support calls. 

Big Sur will reduce security vulnerabilities and also introduces some new IT management features, as explained below.

New IT management features

macOS-managed software updates is a flagship feature for enterprises; it lets administrators use MDM to delay software updates on supervised devices. The ability to do that gives you a chance to test critical apps and infrastructure elements before they are deployed across your company. This is, of course, particularly useful once it comes to supporting remote teams.

There are also many privacy and security enhancements across the system.

Kext warning

One major change some enterprises should check for now is the removal of support for legacy kernel extensions (“kexts”). Apple is asking app developers that use kexts to migrate their software to Apple’s Systems Extensions framework. Apple believes the move will make its systems more secure — it would even help against the recently disclosed T2 vulnerability.

If your company makes use of Windows VMs, the good news in terms of the Big Sur upgrade is that Parallels, one of the most significant developers formerly making use of kexts, has itself migrated to the new Systems Extensions framework. The company says doing so has made Windows on Mac perform significantly faster than before.

For enterprises, it is important to verify both that essential apps are not reliant on kexts before upgrading to the new OS, and to ensure all your key apps are compatible with Big Sur. It may be necessary to contact app developers (internal or external) to confirm status.

Testing times

The good news, of course, is that by the time Apple ships its operating systems they are extensively beta tested, and while problems do emerge, these are customarily swiftly resolved. The company recently invited Mac developers who had joined its Universal App Quick Start Program to join Apple engineers for one-to-one engineering sessions as it seeks to ensure the first apps for Apple Silicon Macs are compatible.

Enterprises who were not part of that program can continue to engage in Big Sur testing in the usual way via the Developer program. Meanwhile, Apple continues to plan the next step for its OS — it introduced the first developer beta of macOS Big Sur 11.0.1 at the end of October.

What you should do now

It is essential to:

  • Backup data across your company’s fleet of Macs using your selected local or network storage system(s).
  • Assess current applications for Big Sur compatibility.
  • Upgrade all your apps today and be prepared to do so again subsequent to the upgrade.
  • Clarify upgrade policies and any delays with staff, particularly remote staff.
  • Ensure IT support has the knowledge it needs to handle support requests.
  • Launch a Big Sur upgrade wiki where solutions to any frequently encountered support challenges can he hosted, enabling users to help themselves while support resources can focus on larger challenges.

Ways to upgrade

Enterprises that use Apple Business/School Manager can upgrade managed Macs remotely with an MDM command. Users will then be promoted to restart.

It is also possible to download the Big Sur update to one Mac and use the content caching feature to share it with others on your network, reducing bandwidth demand. Content Caching, available since High Sierra, lets you download the software to one system, which then maintains a copy of the code that can be shared with other Macs on the network on request.

Finally, individuals across your business can download and install the OS themselves from the App Store, while those using professional MDM solutions can use those tools to manage the upgrade process.

Many enterprises like to delay the upgrade while double-checking application and system stability once the full release version of a Mac update ships. It is important to communicate this to employees and to provide clarity of instruction once it becomes time to upgrade.

Additional notes

Test Flight

As of now, it’s being reported that Apple may introduce Mac support for TestFlight. TestFlight is an iOS feature that lets developers beta test apps and share them with limited numbers of others ahead of the release. This should be of great value to enterprises wishing to securely test new applications and services.

App Store enhancements

There have been reports Apple plans to improve the App Store with a particular focus on its new Apple Silicon Macs. The first Apple Silicon Macs will be capable of running both Mac and iOS apps.

Mac compatibility

The following Macs are compatible with Big Sur.

  • 2015 MacBooks and newer.
  • 2013 and later MacBook Airs.
  • Late 2013 and newer MacBook Pros.
  • 2014 and newer iMacs.
  • 2017 and newer iMac Pros.
  • Mac Pro from 2013.
  • Mac mini (from 2014 and on).

Mac users have noted the release of Big Sur appears to be taking place at a later point than in previous years. This is almost certainly on account of the move to Apple Silicon rather than any egregious software problems.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.