Between WWDC 2021 and the imminent WWDC 2022, Apple has made significant changes that affect the enterprise community. It’s worth taking a look back at what changed and what that might mean moving forward.
One of the biggest changes dates back to last year’s conference. Declarative management is the most significant change to Apple’s MDM (mobile device management) architecture since it debuted in 2010.
The advantage of declarative management is that it moves much of the policy management to devices themselves, rather than have configuration profiles on each device that require it to check in with an MDM service and report its state. Declarative management allows the devices themselves to track their compliance against the detailed set of declarations. Only when they are out of compliance or when receiving new declarations do devices need to connect. Thus, devices can manage their state without the need for constant or repeated connections.
This is a big deal, even if many of the configuration options are extremely similar to the MDM capabilities. It reduces network congestion and on-device response time. As Apple and other MDM vendors move to completely cloud-based solutions, these improvements help provide a significant savings when it comes to bandwidth and user satisfaction.
It’s clear that declarative management is the future for managing all Apple devices in an organization and that the pre-existing MDM framework has been deprecated.
It’s easy to imagine that framework will eventually be obsolete and unsupported. This has consequences because older OSes (iPadOS, macOS, and tvOS) that can’t run the appropriate versions that support declarations will eventually need to be replaced. Given Apple’s efforts to support older devices with current software, this may not be an immediate concern. But IT leaders should take notice.
Apple Business Essentials
Last November Apple launched Apple Business Essentials, a cloud-based MDM service for small to midsize enterprises.
This puts Apple in an interesting position. For 12 years, the company allowed third-party vendors to provide enterprise MDM solutions rather than offering them itself. Now Apple is competing with those MDM vendors.
It also allows Apple to leverage iCloud and managed Apple devices for users to create a collaboration platform in the mold of Microsoft 365 and Google Workspace.
Apple Business Manager/Apple School Manager
These solutions are part and parcel of managing Apple devices. As with Apple Business Essentials, Apple has moved much of the provisioning process to the cloud with a tool that integrates with third-party identity and authentication platforms (think Azure AD) and/or with managed Apple IDs. Although these platforms had already existed, the cloud-based emphasis is significant.
Another surprising change that Apple rolled out over the past several months is support for unlisted apps. Unlisted apps are downloaded using the iOS or macOS App Stores, but they aren’t visible when browsing or searching the App Stores. The only way to access them is via a link provided by IT departments.
This seems a bit of an odd change, but it makes it possible for organizations to deploy apps without needing to rely on MDM to provision the apps. This fits well with Apple Business Essentials and for organizations that don’t want to fully adopt MDM solutions. It also works well for organizations that rely on outside consultants/contractors and need to deploy in-house enterprise apps but don’t want to enroll their personal devices.
The death of macOS Server
I’ve written about the end of macOS Server and the fact that it had been on the chopping block for years before Apple’s decision to axe it this spring. By the end, there were only a couple of services that continued to function in macOS Server.
The move fits with the strategies outlined above — moving device management and provisioning to the cloud rather than using an on-premises solution. In moving forward with Business Essentials and Business Manager as the new keys to Apple device management, this was a fully predictable transition.
Where things go next
With so much having happened on the enterprise front over the last 12 months, I don’t expect to see any major enterprise changes going into Apple’s various platforms. I expect most of the enterprise track at WWDC to be focused on clarifying how things will work in this MDM cloud reality.
There are likely to be some refinements of things like declarative management, user-based enrollment, and managed Apple IDs, but I don’t expect any paradigm-changing announcements, sessions, or labs.