JAMF offers up ways to integrate its MDM suite with Apple Configurator
Recently, we’ve been highlighting some of the major partnerships that are beginning to form between mobile management and mobile/cloud services vendors. These partnerships are strategic and aim to enable IT workflows that better secure, support, and monitor iPhones, iPads, and other mobile devices than what any one company could offer. So far, these partnerships and the integration of solutions that they offer haven’t included Apple or the basic management tools that Apple makes available for free – until now.
Mac and iOS management provider JAMF has posted a guide to integrating the company’s signature solution with Apple’s free Configurator tool to streamline iOS deployment.
The iPad can be great for businesses, especially if they can keep the cost down
There are a number of fields and professions in which mobile professionals share a pool of mobile devices. For companies with field agents, sales people, and marketing professionals, the need for each user to have a dedicated device may not be the most economical option and a better approach can be to simply configure a number of iPads with similar specs that users or teams can check out when they go on the road.
This shared iPad model can be a way to implement the iPad while reducing overall expense. One challenge, however, is that a business typically needs to provide mobile Internet access for individuals or small teams – something that can be a pricey proposition.
An option that's critical for business data security but that's easy to miss
One of the mobile news items this week was the discovery by developer Gareth Wright of a vulnerability in the Facebook apps for both iOS and Android. At issue in the iOS version of the Facebook app is the fact that a user’s login data is stored in a clear text .plist file. Copying that file to another device will allow full access to a person’s Facebook account.
Facebook was quick to point out that this file could only be copied directly from an iOS device if the device had previously been jailbroken. Wright responded by saying that the portion of the iOS file system where the data is located can be accessed by connecting any iOS device (jailbroken or not) to a Mac or PC running iTunes and creating a backup. With the right tools, its fairly easy to search an iOS device backup or even the filesystem on a connected device.
This brings up an important issue for businesses deploying iOS devices or operating a BYOD program – iOS backups made through iTunes can be an attack vector to retrieve business data.
RIM needs iOS developers for unspecified "advanced" iOS management options
Yesterday’s news that RIM is looking to hire iOS developers with the intention of creating iOS apps unleashed a lot of speculation about what the BlackBerry manufacturer might be planning to release for iPhones and iPads. After initially being tight-lipped and refusing to comment on the job posting, RIM’s PR team revealed that its iOS app development plans center around its BlackBerry Fusion product.
BlackBerry Fusion is RIM’s new mobile device device management solution. The product, which RIM launched earlier this year along with the first major update to its PlayBook tablet’s OS, can manage BlackBerry and PlayBook devices. RIM plans to and support for managing iOS and Android devices as well.
RIM’s statement was pretty vague beyond confirming that it’s new management solution will be the focus of this position, leaving room for speculation as to what additional features an on-device app will enable under RIM’s new management console.
Apple's iPhone Configuration Utility can be a jumpstart for iPads in the workplace
For many IT shops, the iPad and/or the iPhone can be a conundrum. While iOS has built-in enterprise capabilities, they may not be immediately apparent. There’s also the fact that Apple doesn’t act the same way as most enterprise vendors. Apple does offer enterprise sales and support teams, training and certification programs, and a solid selection of enterprise-related resources, but rarely promotes them. This can be disorienting and frustrating to most IT professionals.
Often there’s a sense of urgency around getting iOS devices integrated securely that adds to this stress – it can be because executives want them, users are bringing them in and doing work on them already with no regard for IT or policies, or because there’s been a decision to offer iPads to specific users or groups.
The ideal beginning when faced with this prospect is to take a deep breath and then to begin breaking down the issues that need to be addressed and prioritizing and handling them. As with other major IT projects, you’ll probably need to develop stop-gap measures to keep things running until your final solution is ready to be rolled out.
Virtually everyone who’s ever used an Apple product has an Apple ID. This user account for all things Apple is most commonly used with the iTunes Store and the iOS and Mac App Stores. It’s used to both authorize purchases and to allow you to access content or run apps after they’re downloaded. Apple’s philosophy is that every person should have their own Apple ID and that each of us should use our individual Apple ID (and only that Apple ID) on each of our devices – iPads, iPhones, iPods, Macs, even PC’s running iTunes or other Apple software.
That’s a great concept, but it creates a big challenge when iOS devices are used in business or school environments. When someone configures an iOS device for an employee or student with a selection of apps and other content (like iBooks 2 textbooks), they need to use an Apple ID. But once that device is deployed, the end user may need or want to purchase additional apps or other materials.
This is often a stumbling block for business-owned devices. And it’s something that Apple has finally begun to address with Apple Configurator.
Apple Configurator - Is it right for your school or business?
One of the first things most IT folks will think about Apple Configurator is that it’s pretty limited compared to some of the mobile device management suites on the market (including Apple’s Profile Manager in Lion Server). MDM suites are designed to make device management as easy, automatic, and wireless as possible. Most include robust monitoring and reporting features – virtually all can use Apple’s push notification system to update a managed device at any time.
Configurator, on the other hand, requires connecting each iOS device to a Mac using a USB cable to perform any administrative tasks like configuring device settings, assigning a device to a user, installing apps, or updating iOS. That means that Configurator isn’t appropriate for a lot of businesses or workplace situations. Yet, for some organizations, Configurator is a more ideal tool than most MDM suites because of its hands-on approach.
So, what kinds of environments is Apple Configurator suited to?
Apple wants to be sure employees know when their iOS devices are managed at work
One short sentence in the help documents for the new Apple Configurator tool shows that the company is aware that many workers are bringing their personal devices into the office. More noteworthy is the fact that it shows that Apple is thinking about some of the potential privacy issues that can arise in situations like BYOD programs where a personal iPhone or iPad is managed by a company’s IT department.
The sentence in question is in the section on supervised or managed devices. It reads as follows:
Important: When a device is initially supervised during the Prepare process, it’s wiped of all content and settings. This prevents a person’s personal device from being supervised without their knowledge.
Apple Configurator is a new free tool that let’s you manage iOS devices in business or education settings. The app can be used simply as an initial deployment tool or as an ongoing management solution. It’s particularly well suited to environments where iPads and other iOS devices will be shared among multiple users since it can be used in “lending library” fashion with users checking out devices because Configurator backs up user data on check-in and applies to a new device on check-out.
This guide covers each part of Configurator with step-by-step instructions.
A common complaint that I heard earlier this week at the CITE conference in San Francisco was that Apple wasn’t a “real” enterprise vendor. IT professionals have whined and moaned about the fact that Apple doesn’t behave like most enterprise vendors for years (as a long time Mac and Apple IT professional myself, I’ve probably muttered under my breath about Apple’s approach to the enterprise many more times than most of the CITE attendees). What’s changed, however, is that CIOs and other IT leaders can no longer simply say “no” anytime Apple or an Apple product is mentioned.
This week, Apple even reiterated the point by dropping Apple Configurator, a completely new free tool for managing iOS devices in business. It’s a tool that offers new workflows when it comes to how businesses work with iPads (and to a lesser extent iPhones) and Apple released without telling its mobile management partners or its enterprise customers.
To all those IT folks bitching and complaining that Apple doesn’t publish 18-month roadmaps and doesn’t reach out to every enterprise months in advance of a product upgrade or cancelation, I have to say this: deal with it.