iOS13 – What the New Features Means for Customers
Recap of features so far by Colm Warner
Here’s what we know so far about iOS13 and my analysis of what it means to our customers, we will be doing a follow on piece as more details are revealed. Follow us on Twitter and LinkedIn to see updates in real time. For now, these are the key things we believe a customer or anyone managing iOS devices for an organisation should be aware of.
iPhone 5s and iPhone 6 will not get iOS 13
While earlier phones were abandoned due to the App Store moving to 64-bit apps, these ones are being dropped because they are 5 years old and impractical to support. Any customers that still have these models will need to replace them under this change.
Managed Apple IDs
In the past, creating Apple IDs for users was impractical, as Apple have steps in place to prevent the bulk creation of them, and so customers often got users to use their own. The downside of this approach is that on unsupervised devices a user could hand back a phone and IT would be unable to reset it without going through a laborious process with Apple. Going forward, IT departments will now be able to create corporate Apple IDs, and so they will be able to recover phones in this scenario in future. However, we would still recommend using DEP and devices supervision wherever the customer can do this.
Face ID and Touch ID SSO
While Facial and Touch ID have been in use for unlocking devices for a while, there are now going to be APIs to allow app developers create apps that can use these biometrics for Single Sign-On. We will cover this in more detail as we learn more, but for now we can expect corresponding MDM controls to be available, as there were for restricting things like handover and unlock before.
Custom device enrolment
Details on this are still a little sketchy, but it looks from initial details that customers will be able to customise some of the screens a user sees while enrolling their device. This might be a little gimmicky, but I’m sure some larger companies would prefer to use their own branding as part of the process.
Weak password warnings
Thankfully CWSI customers will already be covered here with MDM policies, but it looks like iOS13 will also monitor passcode and password strength.
Download large apps over cellular
Large app downloads and updates have been restricted to WiFi until now. Customers should be prepared for the extra data consumption that this will cause.
Starting from version 13, it seems that there will now be a separate OS for iPads. Until now, both ran iOS. This is likely to mean that there will be new features coming for iPads that won’t be available on phones. Security policies might need to be adjusted for these divergences as the differences emerge. What we know so far is that iPads will support external storage, and that presents a risk to company security if users were to attach personal Hard drives. Expect policy reviews on the back of this. This won’t be immediately available for models older than the iPad Air 2, but is promised to support as far back as the iPad mini 4 in future.
Apple will provide an Authenticator equivalent
Known as “Sign in with Apple”. Details scarce still but I expect it will work similar to Apple pay, where a token that represents your security details will be passed to the 3rd party without any personal information being divulged.