Last Monday, June 11, we were all set again: WWDC24! Traditionally the moment when Apple showcases the latest functionalities for the upcoming versions of platforms like iOS 18, iPadOS 18, and macOS 15. In addition to all the innovations for consumers and developers, new features for organizations and IT are also presented.

In this blog, we want to take you through the most relevant innovations for organizations coming to the iPhone, iPad, and Mac at the end of 2024.

macOS Sequoia

During the Keynote, there is always the moment for Craig Federighi, SVP of Software Engineering, to announce the name of the new version of macOS. The result of a tour through California with Apple’s ‘legendary crack marketing team’, searching for beautiful locations to name macOS after. This year the choice fell on: macOS Sequoia!

Some great improvements that are welcome for everyone:

  • iPhone Mirroring: display and control your iPhone on your Mac, completely wirelessly.
  • iPhone Notifications: see all your iPhone notifications on your Mac and respond directly to notifications via iPhone Mirroring.
  • Easy window tiling: did you use apps like Rectangle or Magnet to manage windows? This functionality is now built right into macOS.

Apple Intelligence

It has been a question for a while, will Apple introduce AI functionalities after the impact of ChatGPT and Microsoft Copilot? As we know Apple, they introduce something only when they believe they have found the right implementation that truly contributes to everyone. It had to meet the values of powerful, intuitive, integrated, personal, and private. Apple calls this: Apple Intelligence.

Apple Intelligence will become a fundamental part of iOS, iPadOS, and macOS, featuring deep integrations within almost every app and helping you write text in emails or other apps via Writing Tools. You can make text friendlier, more formal, shorter, or generate a summary with the press of a button. Additionally, generating images directly in relevant places like Notes and Emojis (called Genmoji) looks very promising. Many of these calculations are performed on-device and not sent to the cloud. This way, Apple Intelligence can take your personal context into account in requests, make connections with other apps, find information, and offer more relevant information and actions.

Moreover, it will integrate at the system level with ChatGPT for even more advanced requests without needing an OpenAI account. For organizations, we see a lot of potential due to the focus on user and data privacy, but there will also be options and restrictions available to disable functions (partially) if this is the organization’s policy.

Apple Intelligence is expected later this year and requires an iPhone 15 Pro or iPad/Mac with at least an M1 chip.

Passwords-app

Although Apple and others are working hard to adopt Passkeys (passwordless login) more broadly, we still use a lot of passwords for various services. Apple has had the Keychain app built-in for years for storing passwords, keys, and certificates, but it was not easy to use. This is now changing with a user-friendly Passwords app, making a real password manager accessible to all Apple users. The data synchronizes end-to-end encrypted via iCloud and is available on macOS, iOS, iPadOS, Apple Vision Pro, and yes, even Windows!

Additionally, for applications with Passkey support, Apple platforms will even help you migrate from a password to a Passkey all automatically. A very welcome addition to proactively help the adoption of Passkeys even more and work our way towards a passwordless world.

Passkeys and hardware security keys

A limitation that Root3 has sometimes faced is that passkeys or hardware security keys could not be used to authenticate during enrollment. You would fall back on the password or have to receive a temporary code in a complicated way via another device. Not a great user experience, but fortunately, macOS 15 now supports this.

Platform SSO & FileVault

A very welcome functionality for organizations using Platform SSO in combination with FileVault disk encryption. It will now be possible to require authentication with the Identity Provider when unlocking FileVault, where previously FileVault always used a local password that might not be the same as the Identity Provider’s. If a Mac is offline, options are available to still gain access through a grace period. We expect Identity Providers like Microsoft Entra ID and Okta to respond to this and offer organizations more options that fit their policies.

Managed Apple Accounts

Managed Apple IDs have been renamed to Managed Apple Accounts, which will take some getting used to! Organizations will have extra options to convert personal Apple Accounts created on the organization’s domain into a Managed Apple Account. Users will now be able to migrate data from a personal Apple Account to a Managed Apple Account. This will be a choice for the user and would be a logical step if the user already had organizational data in this account. If the data is private, the user can choose to change the Apple Account to a private email address as before. Apple Business Manager will then create a new Managed Apple Account.

Activation Lock

You might know it, an iPhone, iPad, or Mac is returned to IT because the user is leaving the company. But when re-deploying, it turns out there is an Activation Lock, and the user’s iCloud account and password are needed. Previously a cumbersome process where the organization had to contact AppleCare to resolve it. In Apple Business Manager, an improvement now allows administrators to disable Activation Lock for all devices. Redeploying a device will now always proceed without unexpected hurdles, saving the organization a lot of time with this issue.

Management of Safari extensions

We regularly hear feedback from customers about Safari, and they use other browsers for various reasons. One of the reasons is managing extensions in the browser, such as for a password manager like 1Password. This had to be set up by the user and could not be automated. Organizations sometimes want to block or allow specific extensions. Then there is good news! Apple will support all these functionalities on iOS 18, iPadOS 18, and macOS 15, making Safari much easier to automate and standardize.

External and network storage access

Some organizations want to prevent a Mac from accessing external or network storage. In macOS 15, new options will be available to configure this. Many details are still unknown, so we’ll see how this can be implemented in practice.

Background task management

Many applications use background processes, such as endpoint protection or updaters. These are important for the proper functioning of the software, and unauthorized modifications can cause software to stop working or only partially work, especially if users have administrator rights. macOS 15 introduces an option to distribute executables, scripts, or configuration files for background processes via MDM to a secure and protected location that local administrators cannot modify.

macOS upgrades, the easy way

One more thing, macOS upgrades! This theme is not directly mentioned, but organizations will benefit from features in Declarative Device Management (DDM) from last year. With support for macOS update/upgrades in DDM, macOS 14 can be forcibly updated to macOS 15 via DDM upon release, with a deadline for the user. Root3 has been using this update method for all its customers since macOS 14, and we see very good results. This process accelerates and streamlines the rollout of macOS 15 and may result in the fastest adoption of a major macOS version in history.

Of course, we will optimally prepare all our customers for the upcoming changes and ensure they can smoothly upgrade to iOS 18, iPadOS 18, and macOS Sequoia in the fall.