What does iOS7 mean for the Enterprise?

Rob Borley
on 08 August 2013

Much of the media focus has been on the cosmetic changes to iOS7 which represent the first major change in UI design for iOS since the launch of the original iPhone in 2007. But Apple has been working hard behind the scenes to make iOS7 more business network friendly in an effort to solidify their dominant position in the mobile enterprise.

iOS7 and enterprise
At Dootrix we are working with organisations to design and implement an appropriate mobility strategy. Here are the key new developments in iOS7 and what they mean for your enterprise IT department.

Enterprise Single Sign On (SSO) support

Passwords have always been a problem; “strong” passwords are hard to remember and even harder to type on a small smartphone keyboard. Currently iOS users need to enter a password into each app they use, generally every time they try and access a protected resource.

iOS 7 introduces the concept of SSO to Apple devices for the first time, so that users only need enter security credentials once. This information is then shared across apps that have been configured with SSO, maintaining the ease-of-use for which iOS is famous, without compromising on security. Businesses can then enable SSO for approved apps, creating a divide between work/personal data and apps.

Improved MDM tools

BYOD remains a hot topic, or a headache, depending on which side of the IT management divide you work. Mobile Device Management (MDM) is now critical to defining access permissions to help staff be productive, but limit the potential for loss or breach of company data.

iOS7 opens a number of new APIs to developers, thereby broadening the field of third party MDM solutions available for managing devices. Beyond remote handset wipes and password policy enforcement (which has been available for some time now), iOS7 helps IT management to deploy apps, configure printers and configure accessibility options wirelessly.

Apple has also been making noises about the simplicity of MDM device enrolment in iOS7, although what this actually means remains to be seen. Most MDM solutions make enrolment of smartphones and tablets relatively easy, so it could be that Apple are planning to launch an MDM solution of their own, or introduce a ‘certified’ program for third party systems.

Improved app deployment tools

Piggybacking off the MDM enhancements, Apple has also created a new app deployment mechanism to help manage corporate software. In the past iPhones and iPads needed to be tied to an individual iTunes account, which made sense for a personal device, but caused a major problem when trying to deploy and define a corporate standard for certain apps. There also remained serious questions as to app ownership when a member of staff left taking their device and its contents with them.

A new App Store Volume Purchase Program (VPP) allows companies to purchase app licenses and then assign them over the air using an MDM solution. Licenses can be assigned or revoked as required, helping to reduce app purchase costs (you only buy the app as many times as you need) and device management burden. In effect provisioning a new handset becomes as simple as deploying a new PC workstation in Active Directory, with minimal initial setup time and automated app deployment. Adding and removing apps in this way also helps to maintain a “personal” aspect to BYOD devices, without tying a user’s iTunes account into company IT assets.

The VPP has also been extended to other iTunes content so that books, videos and other Apple software can also be assigned under the same agreement.

Improved VPN configuration tools

VPN support is also nothing new for iOS, but configuring and enabling connections has always been less than intuitive, particularly for less tech-savvy users. Previously users had to establish a VPN connection form the Settings app then launch the required business app. iOS7 introduces the concept of “per app VPN”, allowing VPN connections to be established automatically when specific apps are launched.

Per app VPN connections can help IT departments manage which mobile data traffic needs to be encrypted (work) and that which does not (personal), providing a further layer of security for business information.

Third party app data protection

The humble passcode already prevents unauthorised access to iPhones and iPads, but iOS7 now uses that same code to encrypt data stored on the device. This new layer of encryption ensures that data is unrecoverable should a device go missing and cannot be remotely wiped, because without the passcode, data cannot be unencrypted or stolen.

Using MDM, forcing the use of a passcode is a relatively simple procedure, allowing businesses to take advantage of these new encryption features easily. Requiring the entry of a four-digit passcode will be a minor inconvenience for end users, but compared to the potential costs of data loss, the decision should be relatively simple.

iOS7 clearly has plenty to offer the enterprise, particularly with a view to making management of a fleet of Apple devices much easier, and to further improve on a reliably secure system. For businesses who already use iOS devices, these new developments will be welcome, particularly in terms of making device management easier. For other businesses still evaluating their mobile options, iOS7 provides a compelling case for adopting Apple as the de facto standard.


Subscribe to our newsletter for free advice delivered to your inbox on a fortnightly basis.

Related articles