Apple has announced that iOS 7 will have some very nice MDM improvements. These include built-in features that were previously available only from third party apps. Apple’s new webpage on the iOS 7 MDM hints that consumers can expect a substantial effect from the changes.
Not all the details about iOS 7 mobile device management are out. The specific information is still restricted to registered developers. But the public has been given information that points to better app management for improved data security and management, and ease of use. These features are available for apps that are compatible with currentmobile app management.
Manage Open In
Managed open in allows users to select the accounts and apps that they wish to use for opening files. A list of preferred apps can be set up in the sharing panel. This is easily configurable and keeps work document access separate from personal files. This fixes the previous dilemma of having to secure sensitive documents by either blacklisting leaky apps or locking the device. The new feature will also solve many existing app compatibility issues with media access management.
The encryption of email attachments as a security measure can also be handled by managed open in, with a more easily navigable user interface. Email attachment encryption was previously handled by separate apps that allowed documents to be opened only by a managed corporate app. Other specialized app features will also be available with the iOS 7 MDM features. Theintegration of these features that were only possible through separate apps makes dealing with encrypted files more convenient, but does not solve the problem of leaks. Data is still at risk of being leaked through shared contacts and the calendar. This can be remedied by the built-in VPN capability of iOS 7.
Per App VPN
The per app VPN aspect of iOS 7 allows apps to be configured to work with VPN. The apps can automatically connect to the supported VPN service on launch. The VPN will secure all traffic flow through active apps and prevent unauthorized data access. Per app VPN also gives a greater degree of control of access to a corporate network. Corporate data can travel separately from personal data through the secure VPN. Read more here about VPN services for personal data security.
The third party app data protection feature secures corporate data without further configuration. Data protection with strong unique encryption keys is automatically enabled by user passcodes under the built-in data protection API. More secure third party MAM solutions and extended VPN coverage will still be available for stronger encryption and security without the use of passcodes.
Enterprise Single Sign On
The enterprise single sign on element makes corporate app authentication easy. A set of user credentials can now apply to any associated apps. New apps can be configured to grant permission to the identified user. This gives users automatic access without having to sign in multiple times or every time the app is launched.
With iOS 7, managed open in, per app VPN and enterprise SSO will be offered for all MDM options. In addition, more app stores will be offering iOS MDM solutions. This makes compatibility more straightforward compared to all the needed specialized apps, tools and software development kits that constructing a whole new third party MAM system involves.
This doesn’t mean that MAM vendors are out. Media access management will still play an important role. The basic features of mobile device management can still be expanded. MAM can give users advanced options to take full advantage of app functionality. iOS 7 secures documents only. Extended VPN protection will be needed to secure data against cut and paste, and keep contacts and calendars private. Some users will simply prefer MAM options over MDM features. This will still require a back end management solution from enterprise mobility management vendors. A variety of solutions will be needed to suit different scaling and integration needs. iOS MDM is limited to web apps and email, so all other necessary features will most likely come from third party MAM vendors.
Additional MAM to iOS MDM New Use Features
The iOS7 MDM has a few other added benefits. As not all third party MAM features will be built into the MDM, there will be options for new use cases. One of these is Apple’s VPP. The bulk purchase of apps turned out to be quite wasteful since licenses were non-transferrable and could not be recycled. With iOS 7, corporate app licenses can be reclaimed when users don’t need them anymore. The new MDM configuration and customization options work to get the full potential from third party MDMs. Signing up multiple devices to the new MDM will be much simpler, though units under “bring your own device” and “corporate owned, personally enabled” programs will still have to be individually enabled. And supervised devices can be better secured with MDM. MDM will include Apple TV, and enable provision settings to iPhones and iPads. Users under 13 years of age can also use the parental consent provision to get Apple IDs.