Apple updates hardware, software, and services every year and has never been too afraid to cannibalize an existing product range to make way for the new — the iPhone ate the iPod, after all. Now, we hear that Apple is preparing its late 2022/early 2023 product salvo, and, as expected, this may include AR glasses.

What’s the story?

Mark Gurman at Bloomberg condensed all the current Apple speculation in a recent post. In brief, upcoming arrivals include:

• Macs, including M2 and M3 models, including an M2 Pro, Max, Ultra and Extreme configurations.
• Four iPhone 14 devices – two with an A16 chip and always-on display.
• iPad updates, including M2 iPad Pro models and an A14 entry-level model.
• Three Apple Watch models, including an SE and a rugged version.
• The mixed-reality headset, equipped with an Apple chip, likely a low-power, high performance M2 processor.
• An Apple TV upgrade, with additional gaming capabilities and a better processor.
• HomePod, which may include a display.
• And an AirPods Pro upgrade, including heart monitor.

That’s the round-up, so what might it tell us?

New business opportunities loom

First, it tells us Apple is preparing to open a new business segment around AR glasses. CEO Tim Cook has been guiding us towards this for ages and we’ve written extensively about the company’s purported plans. But this fresh frontier is now about to emerge and will provide businesses with a chance to build customer and internal collaboration relationships, digitize business processes, and explore/pioneer new market opportunities.

We can anticipate companies already in the space will probably be preparing to pivot their own product design and development roadmaps to reflect Apple’s eventual design. Sony, Microsoft, Valve, HTC, and Meta will all be watching, and you can anticipate some spicy talk from at least some competitors through the vehicle of the Metaverse Standards Forum. Talk is cheap, but the overall effect will be to promote rapid growth across the existing AR/VR industry.

Content and services developers will directly benefit, predicts analyst Ming-Chi Kuo. I agree.

Apple silicon roadmap is coalescing

Second, it tells us that Apple is very, very focused on its own Apple silicon chips. We knew this already, of course, but any business considering implementing employee-choice schemes or introducing/extending support for iPads/Macs can now (if they didn’t already) see a clear road map for product development stretching out years ahead. Apple has proved its commitment to regular security and software updates while the market for enterprise supporting products and services continues to expand. There seems little beyond inertia to stop businesses from deploying additional Apple products. That’s possibly why Jamf CIO Linh Lam expects the company will be the number one (endpoint) vendor by 2030.

This is also why Apple will continue to evolve its offer to enterprise pros.

For end users? Fast, increasingly powerful computers with incredibly low power requirements, all of which include on-chip features (such as UWB (probably) and/or machine-learning capabilities) much of which haven’t really been stretched yet.

That built-in and unexploited upside within existing products, along with Apple’s commitment to continuous software upgrades, means the Mac or iPad you purchase today (or next year) will be a better machine the year after that.

One more thing: We don’t know, and we’ve not been told, but it appears Apple is betting on COVID-related production slowdowns ending. With this in mind a lot will depend on health data as we enter the fall.

Health, fitness – and eye care?

Third, it tells us about health. A second report today explains that the new AirPods Pro will use USB-C, have microphones built into the case for use as a hearing aid, motion sensors, built-in fitness tracking, temperature detection, and a heart rate sensor.

In other words, Apple is proliferating its health data collection systems across its personal products, further expanding its reach into augmented health.

When not evangelizing Apple’s AR products, Cook has frequently extolled his company’s work in health. While I don’t think we’ve seen Apple’s big idea in that sector yet, the addition of health sensors to AirPods gives us a firm direction of travel and, if nothing else, probably means digital health solutions developers should sign up for an Apple developer account.

Starting in iOS 16, Apple has told us to expect the capacity to save vision prescriptions to HealthKit. It says this is because such prescriptions are easy to use. But given the looming launch of AR glasses and that such data is now available to developers via ‘requestPerObjectRead’ authorization, it’s hard not to wonder if there’s something more to this. After all, 75% of US adults rely on prescription glasses. There’s not a huge amount of value in mixed reality if all you can see is the overlay.

The return of the Apple quadrant

Back when Steve Jobs returned to a near-dead Apple and cut the cruft, the company adopted a much-simplified product road map: Pro, Consumer, Mobile, Desktop. There were and still are shades within that, and new product families also now exist, but the company has remained focused around those divides.

Apple’s claimed decision to place A16 chips only in the Pro iPhone models while equipping the iPhone range with (albeit optimized and improved) A15 processors suggests the company’s returning to that strategy. Pro iPhones (and by inference, all Apple’s pro products) will gain additional features and capacities to set them apart more clearly from the consumer range. Apple has reached a point where it’s only truly credible competitor is itself. What’s a firm to do?

[Also read: We already know how Apple will prosper in uncertainty]

Consumer users needn’t feel too down about this, of course: Those high-end features get to be universal features eventually, usually over around two years.

The green slide

One thing that isn’t being discussed much is how Apple must continue work to mitigate the impact of hardware manufacturing as it seeks to meet its own zero carbon 2030 goals. Manufacturing is inherently wasteful of resources, raw materials, water, fuel, and more. The need to optimize manufacturing processes continues across every industry, and this means sustainability and recycling will be core to new hardware designs from the firm. Apple’s approach to “designing in” sustainable business practice across its own and partner businesses should help inform every enterprise as to what’s possible.

The green slides Apple produces during its looming product presentations should be looked at deeply for what they reveal around process innovation, use of recycled materials and more. There is, after all, a lot of otherwise squandered cash to be released within any company through application of more efficient, less wasteful manufacturing and distribution practice. To what extent can Apple’s decisions on this help guide your own as you seek to more effectively manage your business?

One more thing

Bloomberg also seems to predict the introduction of a multitouch screen atop a new model HomePod. If that’s the case, this could conceivably offer up more visual elements such as album art and an on-device music selection system, but it’s not too huge a stretch to imagine support for relevant home-focused apps and widgets. To what extent will Matter and Thread support enable smarter smart homes?

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Apple’s rapidly growing enterprise market share is generating an expansion in the support services ecosystem for the products. One company to recently enter the Apple device management space is Hexnode. I spent a little time with company founder and CEO Apu Pavithran to see this part of the world through his eyes.

What will the workplace of the future look like? 

As we work through the pandemic, we hear a lot about the new workplace. But no one yet knows what this will be. We know expectations have changed and employees have proved that remote work can be productive, though many managers are having problems making this transition.

How does Pavithran see the future of work?

Looking at it through the lens of device management, he points to the need for cloud-native device management systems. “We can safely say that almost every application will migrate to an entirely cloud-based or hybrid solution in the next few years,” he says.

This move away from on-premises systems to cloud-backed intelligence is likely to show up as increased spending on SAAS, which is certainly what Gartner, IDC, and others expect.

This is also going to generate challenges in terms of handling multi-cloud deployments, applying customer-led pressure on vendors to build solutions that play nice with others,” says Pavithran. “On top of easing the burden of IT administrators, application integration offers many other benefits. Organizations may establish integrations that update their infrastructures and enable agile business operations by combining and streamlining data and workflows between disparate software applications.

“New cybersecurity ideas like SASE result from the growing convergence between existing solutions.”

Hexnode’s boss also sees the new workplace as an intelligent workplace. “From medical to automotive to cybersecurity and E-commerce, AI has strongly impacted almost every industry,” he said, predicting this will continue and accelerate.

Apple is growing in the enterprise

Pavithran definitely sees growth in Apple and Mac market share. Windows was the de facto enterprise OS 10 years ago. Today, the resurgence of Apple means millions of Macs, iPhones, and iPads are in use across every industry. The feedback is that TCO spending falls, productivity increases, and employee loyalty grows when offering such choice.

“Apple played an essential role in turning the MDM industry into what it is today,” says Pavithran. “The device management APIs Apple introduced with iOS 4 in 2010 introduced many new capabilities…. For example, through Apple Device Manager or Apple School Manager, MDMs can onboard any organization-owned Apple device to their fleet. Even the new user enrollment capability was launched so that MDMs can better manage the devices in their arsenal.

“The capabilities Apple has released in supporting device management functionalities have allowed vendors like us to securely manage both personal and corporate-owned Apple devices. Hexnode has seen considerable growth in Apple in the enterprise.”

[Also read: How Apple improved enterprise deployments at WWDC]

The digital transformation of the workplace

Alongside the move to adopt different platforms and practices, the way work works is also changing.

Accelerated by the pandemic, this digital transformation means new challenges and opportunities to keep business leaders up at night.

“It is true that digitalizing the different processes, procedures, and operations of work will see significant benefits in the form of increased productivity, faster provisioning, reduced costs and so on. Unfortunately, the advent of new technologies and solutions requires changes in the traditional methods of operation. Employees, IT administrators, and managers will have to re-learn new techniques to keep up with it. Fortunately, improvisation is one of the greatest boons of our kin, and as new challenges emerge, so do new solutions.”

These include MDM APIs Apple provides, including its relatively recent user enrollment capability to help endpoint management solutions like unified endpoint management (UEM) or mobile device management (MDM) protect user privacy by separating personal and corporate data. 

“I don’t see hybrid work coming to an end any time soon. However, successfully maintaining a remote environment poses many difficulties in both device management and data security,” he says.

That’s why the MDM market is evolving so fast.

“UEMs are even a part of next-generation architecture like zero trust. One of the tenets of zero trust is that you don’t trust either the user or the device. In essence, people must verify that they are who they claim to be, and devices must verify that they are what they claim to be. UEMs are one class of solutions that allow admins this visibility into their remote devices while providing additional security.”

How MDM works with Apple devices

Apple uses Managed Apple IDs to authenticate user enrollment. Controlled and created by enterprise admins in Apple School Manager or Apple Business Manager, Managed Apple IDs are different from regular Apple IDs. They usually handle things like your email, may manage data storage and app provisioning, and will likely feed into endpoint security systems. It is now possible to host both a personal and a managed Apple ID on one device, using containerization.

Containerization means a person’s personal data existence is kept separate — you even get access to your personal iCloud storage — striking a balance between security and privacy for both company and employee.

UEM/MDM systems provide administrators with intricate visibility and management of every device, but this can affect user privacy if containerization is not in play.

The difference between Apple user enrollment and Android

On the outside, both Apple’s user enrollment and Android’s work profile aim to secure corporate resources while respecting employee privacy, says Pavithran.

“Implementation is similar, as both systems create separate virtual containers for work apps and data,” he explains.

However, on Android, the virtual container is visible in the user interface as a separate folder or a section of the app drawer, which means various versions of the same application may be operated with different accounts.

“Unfortunately, since Android only sets a framework for this feature, the scope and capabilities of Android’s work profile changes according to the device manufacturer.”

It works a little differently on Apple, he said, describing it as a “stealthier” approach.

The separate (enterprise) space exists in the backend and is not as visible.

That means that rather than creating parallel applications for personal use and work, “The same application can create a personal profile with a regular Apple ID and a work profile with a Managed Apple ID.”

Pavithran seems reasonably confident Apple will continue to extend the enterprise support it builds into its system. “As Apple makes its APIs more available to third-party vendors, the resulting synergy will surely help secure the enterprise workings of the future,” he said.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Apple remains focused on the needs of enterprise IT. With this in mind, it made several interesting changes at WWDC 2022. Here’s a rundown of the improvements Apple announced we’ve identified so far.

Apple announced a raft of developer technologies

Apple ushered in a range of enterprise-focused improvements during the developer sessions held at the event.

Declarative Device Management

Introduced in 2021, declarative device management works to make devices more autonomous and proactive, while allowing servers to be lightweight and reactive. It is now also available for Macs.

Managed device attestation

A new security feature that uses the Secure Enclave to provide strong assurances about a client device, such as its identity and software version.

Apple Configurator

Apple Configurator for iPhone was introduced in 2021. It lets admins add Macs purchased outside of the normal channel to their organization using Apple School Manager (ASM) or Apple Business Manager (ABM). When running Setup Assistant on the Mac, admins just need to hold an iPhone running Configurator over the animation. The Mac will then connect to the internet and add itself to your organization. At WWDC 2022, Apple extended Configurator for iPhone so that it can now also add iPhones and iPads.

Google Workspace

In keeping with the move toward password-less access, Apple wants to build systems tough enough that users only need to sign in once and then for that identity to be held across everything else. With that goal in mind, the company confirmed that for Federated Authentication, Apple Business Manager now integrates with Google Workspace as an Identity Provider.

Sign in with Apple

The company said this feature can now be be used at work and school with Managed Apple IDs. There are additional security features baked in, so admins can allow all apps or selected apps to use the sign in tool.

OAuth2 support

This is quite an important change. Apple used a token-based authorization system in iOS/iPad OS 15 to allow MDM servers to verify user identity. This changes in iOS/iPad OS 16 with the addition of support for OAuth 2 as another authorization mechanism. This means MDM servers will be able to support additional identity provision systems providers also improves security, and adds another new feature that is described below.

Enrollment Single Sign-on, or Enrollment SSO

This is a faster system that enables employees to enroll their personal devices into your organization’s MDM system. The system requires users to enter their email address to download an enrollment single-sign-on app. The user then signs in once and the app handles the rest of the process. The system does require IT and MDM vendors to take certain steps before it is supported, including MDM server configuration to ensure the correct JSON document is shared.

Platform Single Sign-On (Platform SSO)

macOS Ventura gains this new feature, which lets users sign in once on login to automatically sign into apps and websites. The feature, which uses a range of technologies — including third-party SSO extensions, its own Kerberos extension, FileVault, OAuth, OpenID and so on — means you may never need to remember another website password, or go through the process of entering it, again, at no compromise to your security.

Automated device enrollment

Apple made an important change to automated device enrollment, one that I imagine will make it much harder to setup a lost or stolen managed device for sale. The company says ASM/ABM-registered Macs must have an internet connection to be setup once erased or restored.

Accessory protection

To protect against close-access attacks, a new MDM setting lets administrators require a user password before using new Thunderbolt or USB accessories with M-series Apple notebooks. 

Web content filtering

Admins will be able to apply Web content filters and DNS proxies on managed iPhones and iPads running iOS 16 and iPadOS 16.

Making it easier to swap eSIMs

You will be able to transfer eSims between iPhones using Bluetooth. To do so, just move your older iPhone close to your new one and follow the Set Up Cellular command dialog. Apple also put protections in place to ensure users don’t accidentally delete their existing eSIM, as doing so requires a new one be provisioned.

Shared iPad improvement

This slight improvement may make a big difference. A new command lets admins autosuggest the domain name of your company when a user begins to enter a Managed Apple ID. This is going to save a lot of time for shared iPads, particularly when handling complex URLs, as it means spelling becomes less of a problem.

Accessibility in iOS and iPadOS 16

Apple has added tools to let MDM systems manage popular accessibility settings including Text Size, VoiceOver, Zoom, Touch Accommodations, Bold Text, Reduce Motion, Increase Contrast, and Reduce Transparency. Users can modify these settings, but it does means devices can be made more accessible from the start.

Apple also made some keynote announcements

Apple also made several announcements that should benefit enterprise and business users during its WWDC keynote:

Continuity Camera

This lets you use your iPhone as a webcam and adds a Desktop view to let you share video from above your keyboard.

Mail and messages improvements

The welcome (and long-awaited) introduction of improvements to Mail search will help everyone. Scheduled emails, the capacity to delete sent emails and the ability to set reminders to return to unactioned emails will all make a big difference to workflow. This is Apple playing catch-up, as features like these have been available to other email platforms using tools such as Boomerang.

Metal 3

Some interesting enhancements within Metal 3 include the capacity to create more photo realistic environments and to take further advantage of graphics memory to drive applications.

Spotlight search

This means you can get valuable web results at a platform level. This doesn’t completely replace traditional search engines, but it’s a desideratum of what’s to come.

Live text

The ability to pull text (in actionable format) out of images and video will make a huge difference to users and opens interesting possibilities for developers, particularly at businesses working with international audiences.

Rapid Security Response

Rapid Security Response will make a solid difference to hybrid and remote enterprises as it means Apple can directly install security updates into Macs, iPhones, and iPads. This should help accelerate installation of software updates across businesses that until now relied on employee discretion around updating. It also means MDM systems don’t need to wait on full updates.

Passkeys

These are important, as they usher in a completely passcode-free future. The move should vastly reduce business and personal vulnerability to phishing.

Have you come across additional enterprise enhancements announced at WWDC? Please drop me a line and let me know.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

In the run up to last week’s Apple’s Worldwide Developer Conference (WWDC), a concerning problem hit people trying to order new Macs. For some configurations, customers were told they would have to wait until August to get their new machines. Granted, many of these delays involve systems with added memory or storage. But you can’t upgrade many Macs after you buy them, so – for some – this problem is not trivial.

How bad is the problem? Apple’s 14- and 16-in. MacBook Pro laptops, which have been on sale since last fall, are weeks out from delivery. If you order now, you’ll have to wait until at least July 28, and maybe well into August, before the new hardware arrives. Even worse: the base 24-in. iMac, if ordered now, won’t be in hand for “nine to 10 weeks,” according to Apple’s online store. (Higher-end iMacs are available right away, however.)  

Many of the delay reports have come from annoyed consumers. But the on-going backlog has had an outsized impact on education and enterprise customers.

I’ll focus first on how the supply chain problems have affected the education market, because that’s who was the most inconvenienced.

Delays hit education hardest

As anyone who’s worked in education – either K-12 or higher ed – knows, summer break is the only opportunity in the year to replace, refresh, or retire your fleet of computers and tablets. For this reason, the device lifecycle in schools is almost completely built around summer break.

If these delays mean a school can’t buy enough Macs to update its fleet this summer, that school won’t have another opportunity for a full year. Schools don’t have other breaks of much longer than a week in any year — and a week is not a realistic timeframe for doing lifecycle management or upgrades.

Colleges and universities, theoretically, could weather these delays a bit better. The winter break between semesters is often several weeks long. IT teams often use that break to manage big projects such as upgrading technologies, archiving student work, and offering training to faculty and staff. While it’s not ideal to attempt major lifecycle management tasks during that short break it is, at least, possible. I have never done a device lifecycle update during that short break between semesters but, in my days in higher ed, I did manage a complete system refresh across several Mac-specific labs.

Enterprise and small business customers are probably less affected by these delays. Typically, a non-education business can do a full or staged lifecycle update at any point during the year since they don’t have any lengthy breaks in their business operations. But the upcoming release of macOS Ventura, which will drop support for a wide range of Macs as part of Apple’s effort to shift customers to Apple Silicon, changes that calculus somewhat, particularly for companies that are largely or completely Mac based.

What happened at Apple?

One major factor behind the delays of new Macs is the supply chain slowdown thathas affected companies across many industries. However, with Apple unveiling new M2-based MacBooks at WWDC — they won’t be available until July — it may be that Apple is allowing some of its products to become constrained in order to encourage people to purchase these upcoming models.

(I have certainly suspected them of this sort of strategy before.)

It’s also important to note that shoppers are not experiencing these delays through many of Apple’s resellers. Some Apple sales partners, including Amazon, have Macs available without long delays. Most enterprise and education customers, however, tend to order directly from Apple because that ensures they will easily be able to add their new Macs to Apple School Manager or Apple Business Manager and enable zero-touch deployments.

Some of Apple’s channel resellers can add your purchases to Apple School Manager and Apple Business Manager, but it can be challenging to figure out which resellers can do it. This might mean, too, that you have to work with a vendor you have no previous relationship with or one that doesn’t offer the discount you need. Schools and government agencies often get discounts when they shop with certain vendors, and some of these groups are required to use specific vendors whenever they do technology procurement.

Buying from unsupported vendors

To maneuver through the current delays, you may find yourself shopping around. It is simpler and more expedient to buy direct from Apple – or a vendor supported by Apple – but it is possible to purchase from other companies. This will likely add some steps to the process and probably won’t allow for zero-touch deployment. But, if you are in a crunch, it’s worth considering.

If you attempt it, you will need to use Apple Configurator to configure the new Macs and join them to Apple School Manager or Apple Business Manager. This requires booting each Mac and using the Apple Configurator for iPhone app that Apple released last year to make the connection. That process isn’t difficult. In fact, it’s similar to setting up an Apple Watch. You point the iPhone’s camera at an animation that appears in the Mac’s setup screen to start the process. It could be time consuming, though, if you are adding a large number of Macs.

What should you do?

Given the current delays, you have a few decisions to make to navigate it. The first question to ask yourself is if you need that custom Mac configuration, especially if the standard option is available. And, if the standard option is delayed, can you substitute a different model that is available now?

The next question, if you do need that custom-configured system, is can you delay the purchase?

If neither of these are possible, your next step would be to see if you can purchase from a channel partner that enables automatic connection to Apple School Manager or Apple Business Manager.

If that isn’t an option, you’re left with the question of sourcing from a different vendor and manually adding the new Macs. This will take more time and resources, so you’ll need to plan for that, too.

Ultimately the issue comes down to how important this purchase is to your organization. None of these options, or the tradeoffs you will be forced to make, are likely to be ideal for your situation. So, consider this: Maybe there are advantages to delaying your purchase completely. If you wait, you might be able to purchase newer and more powerful powered machines than the custom upgrade that Apple is delaying.