Apple explained a little about its approach to enterprise IT in a recent chat with the Mac Admin podcast.
Apple’s enterprise IT in focus
Apple’s Jeremy Butcher (Enterprise Product Marketing) and Doug Brooks (Mac Hardware Product Marketing) articulated Apple’s position. They discussed the T2 chip and Apple Business Manager during the podcast.
What they had to say was focused on the needs of IT administrators more than anything else. Their focus was very much on the three pillars of integration, system management and security, with particular regard to the Secure Boot process.
On why Secure Boot matters
Brooks explained the strategy that drove Apple’s development of the proprietary T2 chip inside the latest Macs. This falls into two main umbrellas: security and integration.
The system integrates things like SSD, camera controllers, and more formerly independent features. It also lets administrators support highly secure systems on both software and hardware-based terms.
When you launch your Mac, the T2 chip will boot itself first, launch its own firmware and only then begin to boot up the Mac. This gives the hardware the opportunity to ensure that the software it starts is legitimate.
[Also read: What Apple is doing in 2019]
Apple’s T2 chip has attracted some criticism, nearly all of it warrantless and much of what is said fails to recognise that smart hardware-based security systems will become an essential component of future security systems.
It must: the world is becoming more connected, not less, and software alone is insufficient to defend the perimeter.
Securing systems with hardware and software is a necessary response.
“Secure boot is pretty fundamental, it basically allows us to have a trust in the OS that’s booting that machine,” Butcher said.
On Macs becoming iPhones
The company reps also confirmed the company’s continued dedication to porting technology ideas between its platforms.
With this in mind it wanted to ensure the kind of rock-solid hardware security you expect on iPhones is also available to Macs.
They also discussed Apple’s beta software schemes. These let users test pre-release software with existing systems to identify potential problems. That’s great for consumer users but pretty much essential to enterprise users, who really need to ensure future software upgrades don’t break their machines.
The thing is, Apple sometimes changes pre-release software before release, adding or subtracting features and making alterations that enterprise users may be unable to test effectively in time.
On Apple Business Manager
The company recently introduced Managed Software Updates, which let admins schedule and delay software updates across their company using Apple Business Manager.
This makes it much easier to test new OS versions effectively before launching them across the enterprise. Apple Business Manager is a device enrolment program that makes setup of enterprise devices as easy as entering your Apple ID).
“MDM is absolutely core,” the Apple team explained. The way Apple Business Manager works lets admins choose their MDM vendor (eg. Jamf) and use their service in conjunction with ABM, which acts as a core for device and system management and setup.
On Apple’s growing place in the enterprise
The Mac is no longer the platform used by a few rebels in the creative department. “
Many customers are managing tens of thousands of Apple devices every day,” said Butcher. These include big firms like IBM and SAP.
“When you think about the fact that an organization like IBM a has six-figure Apple device count and that there are tons of organizations that have tens of thousands of our products, it’s a pretty humbling thing,” Brooks said.
IBM recently open sourced its [email protected] software, a step which means enterprise users now have a Mac deployment solution accessible to them that has been proven sufficiently robust for use at one of the world’s biggest firms.
There were a few tidbits I’d not come across also available in the transmission, such as the revelation that when you close the lid on your MacBook Air the microphone is physically disconnected in your machine, making it impossible to use the device to listen in. Another nice touch? The podcast was allegedly recorded using Apple’s recently introduced Group FaceTime.