Apple has recently released iOS 9, their latest update and with it comes some great features for enterprise mobile. Apple has fixed a few things that were inconvenient for users and added in extra security measures that are easy for users to work around.
For IT departments and the EMM impact iOS 9 brings, the main announcements are the Volume Purchase Program (VPP) for applications and Apple’s Device Enrollment Program (DEP). Devices can now automatically be enrolled and configured using the Apple Configurator. There is no need to touch the device at all in order to set it up for use within the enterprise ultimately streamlining the process for both IT and the end user.
“The Volume Purchasing Program (VPP) has become international which is great for companies who operate across borders and their various employees can now go and purchase licenses for whatever app they need and assign them to the employees,” says Cortado CEO Henning Volkmer. “These licenses from the app store in the country the employees are in don’t have to log in and out of the app store with different accounts. Along with that the management of applications that are already installed on the device has become a whole lot simpler. “[quote]
With iOS7, Apple had introduced the managed application concept but if you already had pages on the device and wanted to dedicate pages of the managed application control to other applications to exchange data with you would have to delete pages and reinstall it in the form of managed application. Now [with iOS9] the managed application market can simply be added to the application that’s already on the device. It’s a lot more convenient and also saves a lot of time and data; some of the enterprise applications are fairly large.
Once applications are managed Apple did a good job of improving the business container with managed applications on the device they highlight email addresses of external parties so that you are aware of who you’re sending certain documents to. The add-drop functionality can be managed as well so that it plugs the hole in the container so that it’s no longer possible to move a document out of the container using add-drop. This closes quite a big loophole. They allow us to tie applications into what they call an Application Transport Security Protocol [which is] essentially a secure way to allow applications to communicate with the back end.
Apple implemented a secure way for applications that have access to resources in the data center to have a secure connection to that data center without a developer that doesn’t have quite as much experience in secure data transmission to build that secure connection back to the data center. The Per-App VPN was a very nice idea and was introduced two years ago. It was lacking significant support from the actual VPN vendors; there were very very few VPN appliances available for the data centers that would actually accept those connections. In iOS9, Apple is going to extend that quite a bit and allow per app VPN to be built in.
Built in VPN clients for example supported connections to Cisco back end systems can be used to support an additional layer of security beyond the app transport security protocol for companies that like to have the additional control of having the data traffic go through a VPN. By doing that per application rather than for the entire device, it’s a lot easier to separate the traffic that should go through the back end from personal YouTube adventures, for example. That will finally give per app VPN the chance that is actually gets adopted.
iOS 9 is now available for all Apple devices and as with any update, enterprise mobile users must update their devices for the best security coverage from their providers.