With iOS 12, Apple mainly concentrated on giving mobile device management (MDM) solutions better control while also fortifying device security. A few features like improved control of managed contacts have enhanced the workflow present in iOS 11 for securing data on BYOD devices. Features like remotely turning Bluetooth on or off give organizations more control over devices. Features like password sharing between corporate devices in close proximity can now be controlled by MDM solutions. In this new OS, Apple also distrusted certificates issued by the certificate authorities Symantec and Ferderal Common Policy. If you're using these certificates and plan to manage iOS 12 or Mojave devices, here's what you can do.
Mobile Device Manager Plus MSP is compatible with all the features released with Apple's iOS 12. Here's a breakdown of the updates:
Until iOS 12, admins could only prevent unmanaged apps from accessing managed data like documents, media, and contacts. With the release of iOS 12, admins have additional control over Managed Contacts. Admins can choose to allow access to these contacts using unmanaged contacts and also allow the managed apps to store these contacts in unmanaged accounts.
Once devices are updated to iOS 12, the Restrictions settings will be replaced by Screen Time, which has all the existing restrictions along with a few more enhancements. It gives users informations about their phone usage habits, including the most used apps and the apps that send the most notifications. Users can choose to restrict the use of some apps during certain hours. Admins can restrict users from using Screen Time.
In iOS 11, Apple introduced OAuth support for Microsoft Exchange accounts, which provided additional security to users' Exchange credentials. Before OAuth, users entered their credentials in the Exchange client, which then authenticated them from the Exchange server. Now with OAuth, the client is not responsible for authenticating users. Mobile Device Manager Plus MSP can enforce OAuth authentication for the Exchange ActiveSync configurations distributed from the server.
One of the security features released in iOS 11.3 was USB Restricted Mode, which restricted a mobile device connected to a laptop from transferring data if it has been locked for over an hour. After an hour, a device has to be unlocked to resume any data transfer. Now with iOS 12, Mobile Device Manager Plus MSP can either restrict or allow users to modify this feature.
Enterprises have been eagerly waiting for Apple to provide MDM solutions control over devices' Bluetooth settings. With iOS 12, in addition to restricting users from modifying the current Bluetooth state, admins can turn Bluetooth on or off directly from the server.
The admins can now enforce the network date and time on mobile devices and prevent users from modifying these settings from their devices.
Devices enrolled using Apple Enrollment Programs will be supervised by default and users will not be able to remove these devices from management.
There's good news for macOS and tvOS users as well. With the release of Mojave and tvOS 12, Apple has given device management solutions the following capabilities: