Apple's event this week was packed with several announcements including the new iPad lineup anchored by the iPad Air and iPad mini with Retina Display, new MacBook Pro models with retina displays, the completely redesigned Mac Pro, complete redesigns of several Apple apps including the all new iWork for Mac, iOS, and iCloud, and the release of Mavericks, the latest iteration of Apple's OS X for Macs.
With all of that crammed into a single event, Apple had to pick and choose what new and updated features of Mavericks to demo. The company opted to focus on many of the apps it had previously shown during its Worldwide Developers Conference earlier this year - focusing on the new tags and tabs features of the Finder, improved multi-display support and support for using any HDTV connected to an Apple TV as an additional wireless display, the new Maps app, and an increasingly interwoven set of collaborative tools including the revamped Calendar app. Those are all incredible features but they're just a small subset of the 200+ additions and updates in Mavericks.
Most of those features are consumer or end-user focused. Several, however, are important enterprise improvements that point to Apple's continued, if often unspoken, push to support business customers and their IT departments. Here's a list of those features that stand to have real impact on how Macs integrated into enterprise networks.
- Improved MDM support and automatic Mac enrollment - Following the success of its mobile device management framework for iOS, Apple began implementing the same framework into OS X two years ago in OS X Lion. Mountain Lion is where this new form of Mac management really became ready for prime time and Mavericks continues that evolution. One of the most significant advances is easy and secure automatic enrollment of Macs with an MDM service that can be accomplished by end-users in a self service model.
- Mac App Store joins Apple's Volume Purchase Program - Apple recently began informing its developer community that the Mac App Store would be added to the company's Volume Purchase Program (VPP) for business and education customers. Although Apple has offered the VPP model for iOS apps and ebooks for some time, the company only recently introduced an enterprise-grade licensing program as part of the VPP alongside iOS 7. Expanding that new model to Mac software is a natural move for Apple. The move has several advantages for businesses and schools, one of which is complete one-stop shopping and license management for all Apple devices. In conjunction with the anti-malware Gate Keeper feature in OS X, it can also increase system security by disabling any software loaded from other sources.
- Caching server support - One of the features in the Mavericks version of Apple's server platform is a caching service that allows organizations to maintain a local cache of all managed apps (Mac and iOS), software updates, ebooks, and iTunes content purchased by an organization and deployed to Mac and iOS users. Similar functionality is also available through third-party solutions along with Mac enterprise app store and app management capabilities.
- New software update options - Mavericks offers new functionality around software updates beyond the use of a caching service. One is the ability to automate the install of updates in the background as they become available (a similar feature debuted last month in iOS 7). For Macs with multiple users, app updates can now be applied regardless of user account, which ensures all apps can be updated in a timely manner. Also added is an option for users to postpone updates if they require a restart or impact a running app. A related item that Apple is calling fast certificate response allows the company to issue over the air notices to Macs running Mavericks to disable any security certificates that have been exploited by malware or network attack vectors without the need to wait until Apple can ship software update related to the exploit.
- Better password policies - Mavericks supports a broader range of password policies than previous versions of OS X including the ability to impose a maximum password age that can discourage or prevent users from re-using passwords.
- FileVault 2 improvements - FileVault 2 is the full disk encryption feature of OS X that can significantly boost device and data security, particularly helpful on Mac notebooks. In Mavericks, MDM services can now be used to track the use of FileVault activation as well as the use of personal and institutional recovery keys. Through MDM solutions, administrators can also remedy potential issues with recovery keys, remotely change recovery as needed, and perform key redirection.
- Sandboxed plug-ins - There have already been reports that Apple worked to create a sandboxed version of Flash that can contain any potential malware exploits. Apple has taken this approach to other common plug-ins including Silverlight, QuickTime, and Oracle Java.
- Application layer VPN - Functioning much like the per-app VPN feature in iOS 7, Mavericks includes an application layer VPN that makes it possible to send data through a VPN connection based on the application requesting access to the network. As with iOS 7, this feature enhances the privacy of a user's personal data and lowers the load on an organization's VPN service, while improving an organization's security posture.
- Centralized Xcode development - For organizations creating their own enterprise apps for Macs or iOS devices, Mavericks Server includes a new Xcode Server feature that centralizes the development process, hosts Git repositories, automates testing, and offers a build and test history.
- FIPS 140-2 certification for Mavericks is in process - The FIPS certification process is a government program that evaluates the cryptography elements in a platform or device. Platforms that receive the certification, which Apple has received for iOS 6, are certified for use within government agencies and for contractors working with those agencies. The certification is also viewed a general enterprise security endorsement.