Although iOS 7 is quickly nearing its six month anniversary on the market and has gained massive adoption, Apple has yet to offer an update to its mobile OS other than minor patches and bug fixes. iOS 7.1, which has been available to developers in a series of beta releases for some time, is expected to include some additional features including the introduction of Apple's automotive integration, known as iOS in the Car.
A recent report by AppleInsider citing an "unverified source" indicates that Apple may be making iOS 7.1 even more enterprise-friendly by expanding the mass deployment and management capabilities of the platform.
Although the report was light on details, there are various improvements that Apple could make in iOS 7.1 or even iOS 8 that would make the lives of enterprise IT professionals and iOS business users much easier. Here are eight of them.
Over the air supervision. When Apple launched the free Apple Configurator utility for managing and deploying iOS devices, it introduced a new management option known as supervision. Since then, both iOS 6 and iOS 7 have included a range of more stringent device and content management functionality that can only function on supervised devices. Although most enterprise mobile management (EMM) vendors have integrated these supervised options into their various solutions, devices must still be put into supervised mode using Apple Configurator -- a tool that is only available for Macs and that requires each iOS device to be physically connected to a Mac using USB.
It is widely expected that future iOS releases, possibly iOS 7.1, will offer the ability to configure supervised devices over the air, which would save massive amounts of time and simplify the logistics of mass setup and deployment of iOS devices. It would also encourage greater use of supervision-related capabilities to build added layers of security into iOS deployments (it's worth noting that supervision is a much better fit with corporate- and school-owned devices than with personally owned BYOD devices). Ideally, this OTA capability will be available from within third-party mobile management solutions rather than a separate Mac-specific add-on from Apple.
Multi-factor authentication. When it became clear that Apple was going to ship an iPhone with a fingerprint scanner, there was a lot of excitement around the idea of two-factor authentication options that could include a passcode and biometric identifiers. Apple hasn't embraced that model. Touch ID serves only as a passcode shortcut. Whether it's an evolution of Touch ID, some other biometric option like a user's heart rhythm, or more traditional two-factor authentication systems like smart cards, trusted Bluetooth, or other forms of token-based authentication, additional options from Apple or developed in partnership with third-parties would be an excellent security bump of iOS.
Support for iBeacon as an auto-configure solution. One of the realities of mobile is that device, app, and information use tends to be very contextual. Users have different needs and expectations based on contexts like when and where they are working, people that they're meeting with, and the format of information that is most conducive to specific devices or tasks. Several MDM vendors already offer some context-capable configuration and management features, including things like allowing access to resources based on whether users are connected to a corporate or public network or based on geofencing around an office or worksite.
As iBeacons become more common in everyday life, it becomes feasible to add a range additional context data -- is someone at a worksite, which floor or office are they at, is someone using a company vehicle for transportation, who is proximity to a given employee. iBeacons allow this kind of context-awareness and they could offer the ability to automatically configure specific device or app functionality, like access to network or cloud resources, or automatic configuration of nearby wireless devices like Apple TVs or printers. Providing a unified way to adjust to this contextual data will be a key requirement for organizations to use it effectively.
Better support for dealing with Apple IDs. Apple doesn't offer users many management of Apple IDs, which can be problematic because an Apple ID serves as identification to virtually every Apple service. One key request from users that has gone unanswered is the simple ability to merge or, better yet, link multiple Apple IDs. Linking multiple IDs would be particularly helpful in the business or education space because it would allow users to maintain separate IDs for personal and business use without having IDs that are dedicated to specific devices or services.
Going even further, it would be nice to see Apple provide a mechanism for for linking a business-related Apple ID to an enterprise identity management system like Active Directory. Apple has taken a step in this direction with its new volume licensing system, which links a user's Apple ID with a company's EMM solution for app distribution and does so in a way that strongly supports user privacy. Expanding that capability could enhance security, simplify the end-user experience, and more tightly integrate iOS devices with traditional enterprise infrastructure.
More granular options for managed open in. Managed open in is another iOS 7 introduction that offers a basic layer of containerization. Managed apps, those that have been installed by an EMM system, can be configured to share data only with other managed apps. Conversely, unmanaged or personal apps can also be configured to share content only with other unmanaged apps. One-way sharing -- managed to unmanaged or unmanaged to managed -- is also an option.
Although effective, the system doesn't support any granular settings -- you can't designate managed apps one and two to share information but exclude sharing with managed apps three or four. While Apple doesn't provide this level of specificity, most third-party containerization and app management solutions do.
Better identification or separation between managed and unmanaged apps Another issue with managed and unmanaged apps is that there is no real designation of which is which from an iOS user's perspective. The apps simply appear next to each other on the home screen. While third-party app management solutions often allow identification like badges on containerized app icons, Apple's stance seems centered on not dividing the user experience of the device. There's an argument to be made for that position, but there's equally a case to be made that identifying information can be helpful for users in understanding the difference between unfettered personal apps and managed or restricted corporate apps.
Expanded support for Apple TV management. Well over a year ago, Apple introduced the ability to configure Apple TV boxes using Apple Configurator. As part of iOS 7, Apple delivered the ability to use EMM tools to manage the devices over a network and gave administrators the ability to pre-configure access to specific Apple TVs for iOS device users. These abilities are a great start, but they are still rather limited. As Apple TV has matured, Apple has added a range of new streaming services to the device and has bulked up the capabilities of AirPlay from both iOS devices and Macs. This is particularly true of Macs running Mavericks, which can use an available Apple TV as an extra display in addition mirroring a standard display or projecting content using AirPlay. As Apple TV and AirPlay continue to mature, Apple should consider allowing greater management options.
App store credit for end users to purchase apps that aren't volume licensed. iOS 7 introduced a much improved Volume Purchase Program for iOS apps that allows organizations to license apps in a traditional enterprise software paradigm and to revoke or reassign licenses when employees leave or transfer to other roles within a company.
With employees and business units taking a greater role in selecting apps, cloud solutions, and other services directly from vendors, however, it's quite realistic that some organizations may want to simply give a department manager or individual employees the ability to purchase apps directly. Doing so may ease the mobility-related workload of IT and would clearly define purchase costs as being part of a business unit's budget rather than IT's budget. The current program does allow some flexibility and delegation of app licensing or purchasing, but it still tends to follow a more centralized and top-down workflow. Expanding the flexibility of the program and allowing a broader range of procurement roles would be a good follow-up to the new program that Apple rolled out last year.