While the iPhone 6 lines have died down outside Apple Stores and iOS 8 download servers are cooling off from the first high traffic days, iOS 8 enterprise implementations should be beginning across many industries.
I recently got some insights about what to iOS 8 offers to enterprise mobility and Bring Your Own Device (BYOD) initiatives. from mobile device management (MDM) and enterprise mobility management (EMM) leaders from Fiberlink, an IBM company, AirWatch by VMware, and Good Technology.
iOS 8, managed content, and managed domains
According to Josh Raymond, customer success manager for Fiberlink, an IBM company, with iOS 8, Apple really built out the application management options in iOS 7 by introducing the idea of managed content in addition to managed apps and managed contacts.
He provided the following example, “What I can say is specific domains are internal and external so when I’m writing an email that might have confidential data in it I can easily tell if a contact is internal to my work or external to my work based on the way the contact is colored.”
“That’s one of the big things,” Raymond offers. “It helps end users identify when they are getting ready to send an email to an external source and it kind of gives them pause and have them evaluate is this an external mail or did I mistype somewhere.”
Think of it is your corporate domain as a safe domain appears in blue. The Gmail domain of an outside freelancer appears in red.
“The second thing that they really did to build on their managed story is web domains,” Raymond adds. “What I can do as an MDM is specify certain web domains as “managed” so what that means if I go to Maas360.com and I want take in some content via Safari, that content is managed.”
“So what Apple is doing with this change is that they are effectively weaving in personal data and corporate data on the same device in the same native look and feel of iOS,” Raymond posits. However, he points that enterprises have control over the data allowed in the circle of trust this new iOS 8 security offers.
“It’s certainly kind of innovative because a lot of folks have come out with containers and other kinds of things and specifically this is not a container or a separate app. It’s the native experience,” according to Raymond. “It’s just trying to get at juggling that work life kind of balance better.”
iOS 8 and security controls
I think they need to be aware of the enhancements that are made to these devices advises Blake Brannon senior solutions engineer, AirWatch by VMware who gave me some insights around iOS 8 security controls.
“From a configuration/security restrictions standpoint, the ability to disable the new handoff feature which is going to be important for a lot of enterprises because of how that dataflow goes through the iCloud and you may not want that to happen from your devices,” according to Brannon.
He also mentioned the ability to restrict the device from backing up any data to the iCloud for managed enterprise apps while still allowing it for the personal apps.
“And then of course preventing the synchronizing of iBooks, Brannon states. “You can now deploy iBooks on iOS 8 through the management APIs as well as the synchronization of notes and highlights in those books.”
This information can be controlled through AirWatch and MDM according to Brannon.
He adds, “There’s also a couple of new security settings to prevent changes in configuration on the device. So for example, iOS 8 introduced the ability to configure the security restrictions to prevent the user from going in and turning those on manually. A great example of where that was a problem in the past was in education where students in the classroom could go into the settings and turn a restriction on, put on their own passcode”
Preventing a user from factory wiping the device from the device itself is another important security setting according to Brannon. “So again, in an education or line of business scenario where you don’t want someone to go into the setting and factory wipe the device you can now do that through the management APIs with AirWatch.”
He points to scenarios like retail stores with hundreds of devices and oil rigs where there’s limited bandwidth where this feature should prove to be attractive.
Brannon also point to some other features that admins need to be aware of when iOS 8 starts to hit their enterprise.
“The first one is certificate support for single sign on,” according to Brannon. “This is basically the ability to leverage a certificate for the user to sign on to backend systems. This prevents you from having to store someone’s Active Directory credentials on the device while still giving them access to a backend SharePoint site, web site, or web service that an application is using as part of the single sign on framework that Apple has built into iOS 8.”
Everybody I spoke with mentioned improvements to spoke to the improvements around the Open With access control in iOS 8. It’s safe to say that the vendors I spoke with in this article have solid management tools to manage this feature and protect your data.
iOS 8 transparency and BYOD
I asked, Lynn Lucas, CMO of Good Technology, specifically about iOS 8’s implications for BYOD. She pointed out to me some of the some innovations around Apple Health as creating some increased concern and risk on part of the users.
“With an MDM approach there is the ability for IT to have visibility and potentially wipe out more and more of this personal data especially in a BYOD context, Lucas says. “I think what we are advising is that about there’s a culture of transparency between IT and the user population. The user population will have concerns in a BYOD context and have increasing knowledge with the other feature apple introduced, which is MDM transparency. There’s now a setting where an end user can get visibility to what is being managed on their device.”
“So we really take the approach that it’s a transparent conversation between IT and the organization and we believe that this creates an opportunity for IT to shift to focusing on what’s really important and that’s protecting the data,” Lucas advises.
The insights from Raymond, Brannon, and Lucas point to iOS 8 taking Apple another step closer to becoming an enterprise company. Another positive I see is that the new transparency that iOS 8 offers, and hold out hope that it opens some much-needed BYOD privacy and device management discussions.