If you run a business on Macs (and many companies do) then you should become familiar with FileVault, the disk encryption system that’s built into macOS. When used properly, it makes it extremely hard for any malicious person to access your company’s confidential data in the event your Mac is lost or stolen.

What’s the problem FileVault tries to solve?

Most businesses possess various forms of sensitive data. This might include corporate  or supplier data, confidential order books, financial records, contact names and addresses, and more. That information has business value, but if compromised could also place you, your employees, or your customers at risk. In many industries, protection of such information is mandatory and legally required.

Apple’s FileVault makes it much harder for unauthorized users to extract this kind of data from company Macs. It does so by encrypting the data on the Mac and decrypting it only once an appropriate login is used. FileVault encyrypts and decrypts data in the background, so the system can be used while the it does.

What is FileVault?

Apple introduced FileVault in 2005 with Mac OS X Panther (10.3). At that time, it only protected a user’s Home folder. The technology has evolved since then and now offers XTS-AES 128 data encryption for the whole disk, protected by a 256-bit key.

When it comes to business, IT can manage FileVault using most available MDM systems and consoles.  When a Mac is protected by FileVault, no one can access its data unless they have the FileVault decryption key or user account credentials.

The current implementation of FileVault is available on both recent Intel and Apple Silicon Macs.

How to enable FileVault

FileVault is not enabled by default.

To enable it you must be an Admin user on your Mac. If so, you can open System Preferences>Security & Privacy and check the FileVault tab.

You will be given two choices, to protect the Mac using your iCloud account and password, or to use a Recovery Key. The first option is fine for personal users, but most enterprises will probably use a Recovery Key.

It is very important to note your login password and the recovery key generated for you when you enable FileVault. That’s because if you forget them both, all the data on your Mac will be unavailable to you. One protection here is that console-based MDM-based systems may be able to remotely assign new keys.

NB: Once you enable FileVault, it cannot be turned off until the first full encrypt has taken place. That first encryption can take time, depending on how much information you have on your Mac. Subsequently, in the event the passphrase or recovery key is changed the entire volume must be decrypted and re-encrypted.

Know your limits

It is extremely important to note that an individual user who cannot recall their password or recovery key will never be able to access that data, as they will eventually need to delete and reinstall macOS.

However, a business that makes use of a modern MDM system to manage its Macs can also assign institutional recovery keys that can be managed and stored from the MDM console. That’s useful as it means that if a user forgets their password, IT can use the recovery key to reset FileVault and assign a new password to get them back in.

What to consider when creating passcodes

Companies should consider passcode policy for FileVault volumes. A generalization is that longer passcodes are stronger passcodes (so long as they aren’t 12345678910), but it’s also important to consider passcode rotation schedules and alphanumeric codes. In my experience, the challenge with the FileVault recovery key is that since it is used so infrequently, it is very easy to forget the code. This is one code that needs to be written down and locked away somewhere, even if you use a transposition cipher to secure that written key.

[Also read: How to stay as private as possible on the Mac]

Some Macs already encrypt

Macs equipped with an Apple T2 Security chip automatically encrypt data already. It’s still worth using FileVault with those systems as it enhances the inherent protection by requiring your login password to decrypt your data.

Apple maintains a list of Macs that make use of the T2 Security Chip here.

Should all your Macs be protected by FileVault?

As a rule of thumb, any Mac that carries or has access to personal or sensitive business data should use FileVault encryption.

What are the consequences of using FileVault?

Other than the complete loss of data in the event you forget your passcodes and lose access to your Mac, the biggest negative outcome when using FileVault is that I/O performance can sometimes be affected.

What can I use instead of FileVault?

Though FileVault has the big advantage of being Mac-native, some businesses may prefer to use alternative solutions such as VeraCrypt.

Where can I find out more about FileVault?

Apple’s current advice on use of FileVault in macOS Monterey is available here.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Enterprise adoption of Macs, iPads, and iPhones grew dramatically during the pandemic. Apple and its enterprise partners want to consolidate this expansion in 2022, which should be another big year in hardware investment.

Delivering a growth strategy

We’ve been watching the Apple in the enterprise expand rapidly throughout the pandemic; 2021 was a record year for hardware sales as companies invested in computers and devices to support hybrid teams. Apple evidently benefited.

Apple in the business sector is now served by more MDM providers than ever and competition among Apple-focused enterprise service providers is intensifying. Why? Because enterprise demand for Apple products has never been higher, and — pushed by employee preferences — deployment continues to grow. At the same time,  enterprise spending on devices climbed 15.1% this year and will maintain those levels (albeit with slower growth) into 2022, according to Gartner.

Apple surely wants to maintain its foothold of this expanding market. It knows M-series Macs are winning converts, even as enterprise iPad sales continue to grow. With a view to maintaining this momentum, Apple Business Essentials is a strategically important step to make its solutions more attractive to business users. The scheme acts as a gateway to provide smaller businesses with an easy-to-manage entry point into the larger world of MDM solutions served by Apple partners, including Jamf.

Get your lease on

But enhancing the availability of support for Apple devices isn’t the only trend in the enterprise space the company is trying to address. There’s an emerging desire among enterprise users to lease their technology hardware, claims BNP Paribas.

The BNP Paribas research shows 76% of IT hardware continues to be purchased outright in Europe, but suggests businesses are moving toward access, rather than ownership. That’s not surprising, given that 77% of businesses already lease vehicles. Leasing computers makes sense — particularly while handling limited budgets during international crisis.

Apple perhaps is quietly working to meet the growing desire for leasing tech. We recently learned of an arrangement between Apple and financing partner CIT under which US businesses can lease their Macs from as little as $30/month/machine. The scheme makes it easier for companies to field Apple devices across their business – and may also help them deploy devices across remote teams as hybrid workplaces are normalized.

We don’t yet know if this push reflects a wider global strategy to enable business users to access Apple as a service, or whether it reflects a single offer from one place. But even this isn’t the end of the story.

What follows deployment?

That’s because even with effective MDM solutions and leasing schemes, businesses have a lot of work to do to unlock the opportunities of digital transformation. Pre-pandemic, a Deloitte survey showed that despite huge mobile device deployments, many enterprises continue to use dated business practices.

That report describes simple, but critical, key tasks that can’t yet be handled by mobile devices: 59% of employees can’t complete timesheets, for example; 39% can’t file holiday requests; and just 41% are able to approve invoices on mobile devices.

This reflects a reality in which many businesses haven’t yet shifted their mindset enough to change existing business practices, and changing them poses additional demand on tech budgets. Gartner says 65% of corporate board members want to accelerate digital transformation projects.

There’s a need to meet those pain points head on — particularly when enterprises are juggling a big basket of challenges, not limited by but including: COVID-19 issues, supply chain challenges, a mass move to hybrid work, employees who want  technology choice, the Great Resignation, considerations around office space reduction, and the need to deploy new kit to support the new workplace.

This cornucopia of challenge is nurturing recognition that investment in new digital business processes may be essential in order to help businesses navigate these sometimes-conflicting problems.

While Apple Business Essentials and the new business leasing scheme may help resolve some of these pain points, the next stage to consolidate Apple’s gains in the enterprise market will depend on partners such as IBM, Cisco, SAP, and others delivering accessible tools Apple-wielding businesses can affordably use to quickly and easily digitize their business processes.

Perhaps Apple might encourage such development by creating an App Store for the enterprise?

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

There’s a real lack of nuance and context these days in so much of the reporting about Apple. Products the company has never announced are declared delayed, while rumored products might be described as being abandoned — not because they are delayed or abandoned, but because those rhetorical terms fit the narratives being put together by the latest breed of crisis journalists.

What if everything is true?

Some math is simple. One plus one usually equals two. But there are exceptions. And it’s the lack of awareness of those exceptions that’s fostering cognitive dissonance in the Apple sphere.

Take Apple’s work in energy.

Energy is essential. Apple invests in energy across the lifecycle of its products: It invests in energy production in the form of renewable sources; it continues to improve product energy consumption and invests in battery and power delivery technologies, as seen in MagSafe.

The company has been investing in wireless energy for years. Research sometimes hits hurdles, however, as proved when AirPower was announced and subsequently withdrawn, presumably because the tech at the time proved itself less capable of delivering a consistent experience than required in a mass market product. But AirPower’s stumble didn’t mean Apple stopped working on energy technologies. Work continued somewhere in Apple’s massively financed c.$21 billion R&D department.

That shouldn’t be surprising.

Taking a look at it all

To be blunt, it’s simply common sense that Apple’s research teams continue to explore every possible pillar supporting its consumer electronics empire. It stands to reason  that Apple continues to develop short-range and long-range wireless charging and the capacity for devices to charge up each other inductively. (It would be more surprising if it didn’t — particularly when QuantumScape, Volkswagen’s favored solid-state battery technology firm, is based in its San Jose back yard.)

The same logic applies to Apple Car.

Over the many years this speculation has existed, we’ve been told the project has stopped, been rebooted, delayed — and now we hear the car will be hitting roads perhaps as soon as 2025 (with a subsequent report claiming another delay).

Confusing, isn’t it?

The more nuanced approach to this topic would be to report that Apple is developing a range of technologies that relate to autonomous and semi-autonomous vehicle design. Those technologies must surely include everything from the wheels to seat design, from building processors capable of running the AI to developing Face ID for door entry. Not every component will be improvable, but those that can benefit from Apple’s touch will be redesigned (and many may be outsourced). Though redesigning everything takes time.

Think about the M1 Macs.

We were told speculation Apple wanted to move Macs to Arm chips was misplaced. And yet, we’ve now learned that Apple worked for years to achieve its own Mac chips.

Once again the polarized “all-or-nothing” approach to Apple reporting masked a more nuanced truth: Apple is always working on alternative solutions somewhere in its labs. That implies it may already looking at other processor designs to replace ARM.

Apple probably has a patent for that

Apple’s researchers do keep a low profile, but they show up, attend industry events, and deeply examine emerging technologies. Apple’s people even work with others on industry standards, including for future tech evolutions such as 6G.

Look at Apple’s patents. It files hundreds every year. Most come to nothing, but each reflects research that has taken place behind the scenes. In the last few weeks, dozens of patents for gesture controls for headsets and displays, holographic projections, AR headsets, glass ceramics in imaging sensors, retractable keyboards, vehicle suspensions and smart clothing have all been granted.

Does Apple plan a range of kinetic energy powered smart clothing with built-in textile screens? Perhaps — it owns more than 40 patents associated with the idea. It won a patent to anchor virtual to real-world environments in 2016, one year before AR hit iPhone.

That’s the nature of Apple. If you want to get a sense of what’s possible, spend time glancing through the c.147,000+ patents it holds.

They don’t all come to life, of course.

What it doesn’t do

How many times have we been told the company is as proud of the things it doesn’t ship as of those it does? But don’t imagine Apple’s internal teams don’t occasionally dust off those old project files to see if the plan makes more sense now, given any relevant technology advances that may have emerged

You can even tell this is what the company does.

How many Apple TV patents and products existed before Apple TV? How many tablet-style mobile devices? How many portable gaming devices that may look more tempting with Apple Arcade? Will Apple introduce an M-processor powered 8K QuickTake video camera to reclaim the brand that launched the digital camera industry while putting its AI-enhanced imaging technologies into the heart of Hollywoodland?

To my mind, it’s way more interesting to embrace the many different areas in which Apple is applying its research muscle, rather than remaining trapped in a product-driven and inherently polarized “good/bad,” “true/false” narrative.

I see it as the best approach to thinking about the company, particularly if it is your business to be ready first when Apple turns its research into mass market platforms that unleash new opportunity. Such as the incoming Apple AR glasses.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

If you use Apple Silicon Macs, there’s a slightly improved chance you may soon be able to run a licensed version of Windows on your machines, as an Arm-exclusive deal between Microsoft and Qualcomm seems set to expire.

Qualcomm has a key

XDA-Developers tells us Qualcomm holds an exclusive arrangement with Microsoft to provide the processors to drive Windows on Arm. That’s why you find Qualcomm’s chips inside Windows for Arm devices, and don’t find processors from anyone else.

The report claims this deal will expire soon, which means MediaTek, Samsung, and others may begin to manufacture Arm-based chips for Windows — and may also give Mac users a chance to run Windows on M-series Macs.

There is certainly a chance this won’t happen. Microsoft recently suggested an Arm version of Windows 11 for Apple Silicon is not “a supported scenario” – but things do change in tech.

Why it matters

Apple’s Mac sales continue to grow across most enterprise markets, but at present the M-series Macs have no official Windows support. All the same, we have known they can run Windows on Arm insider builds using virtualization tools such as Parallels. Beyond that, other than using Windows 365, there has been no official, fully-supported way to run Windows on an M-series Mac — you don’t even get Boot Camp.

Most Mac users — and Parallels — had been hoping Microsoft would simply offer up Windows for Arm licenses for sale, enabling businesses using multiple computing platforms to run Windows, iOS, and Mac apps on a single machine.

Microsoft has never given us much hope of this, and I think many industry watchers had begun to give up on the idea. But for many enterprises, the ability to run Windows in some way is an essential requirement, particularly for businesses still reliant on legacy systems for some tasks.

A stumbling block

One thing that might be in the way is Nvidia’s ongoing attempt to acquire Arm from Softbank. This attempt is currently being investigated by the UK Competition & Markets Authority. (They are concerned the deal would give Nvidia too much power in the growing number of markets that rely on Arm reference designs.)

We won’t know the conclusions of this investigation until 2022. But it’s a decision that will have far-reaching industry consequences, given we are the cusp of massive Arm adoption.

Where the industry is going

Apple has been working with Arm to develop its chips since 2014, when it introduced the A4 processor inside iPhone 4. Since then, the company’s decision to develop its own processors has paid dividends. Mac users upgrading to an M-series system seem thrilled with the performance and capability of these machines. Apple devices sit at or near the top of most benchmark charts in each category and competitors in the same class now seem to be running at best one year behind.

Apple has blazed a trail — and as usual in time-honored fashion, competitors want to follow that path, too. Most recently, Qualcomm announced plans to manufacture Apple M1-competitive silicon by 2023 with help from former Apple silicon team developers from Nuvia, which it acquired earlier this year.

What comes next?

XDA-Developers isn’t clear about when the Qualcomm deal will expire, but things could get more interesting when it does. Not only might we see a rash of faster PCs running Arm chips and Windows, but we may also see Microsoft’s OS appear on M-series Macs.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

You can now run FileMaker scripts using Apple’s Siri Shortcuts app on Macs, iPhones, and iPads, a promising move that makes more automation possible for some business users.

Shortcuts for FileMaker

Apple subsidiary Claris first introduced support for Shortcuts a couple of years ago in FileMaker Go, the mobile version of its venerable cross-platform relational database application. The company has now extended this support to Mac users with its very recent macOS Monterey update.

The introduction of this support means you can run FileMaker scripts just like any other Shortcut, including via Siri.

You do need to designate which of your scripts you want to “donate” to Shortcuts, after which you can use those scripts in routines that you design. You also need to assign privileges to those scripts to enable access to them. “You can then run a shortcut using the Shortcuts app or Siri voice commands to open the file, run your script, and pass in an optional parameter,” says FileMaker.

This support makes it possible for companies using FileMaker to build voice commands to enable some tasks. These could include automations, inventory updates, or simply a process launcher.

You can also integrate your donated FileMaker scripts within workflows of any other Shortcut-enabled application. (This video may help explain how this works on iOS, but make sure your devices aren’t listening for the ‘Hey Siri’ command the narrator uses way too often during the presentation.)

How would you use this?

How useful is this? Prosaic deployments will include the capacity to automatically open specific databases or send business cards while more sophisticated uses include the capacity to check customer orders, create reports, or get business-critical data. You may want to ask Siri how many orders your company received last week or yesterday or check the status of a specific order, for example.

These Shortcuts will proliferate across all the devices you use signed into a specific iCloud account. They don’t necessarily need to be activated by Siri, they can also be location- or proximity-based and appear as a button (or application icon) on the Mac desktop or Home screen. 

I think this feature will work well along with the application’s support for Apple’s CoreML.

FileMaker developers can already use CoreML to add machine learning to apps. This makes it possible to achieve tasks such as object/face detection, image classification, text predictions and more. In conjunction with Shortcuts, it makes it possible to build automated inventory management systems leveraging cameras in iPads and iPhones, for example.

Why this matters

What’s most useful about this feature is that it is relatively accessible. While FileMaker Pro is complex, it’s not too complex, and many businesses worldwide use the app to support their work.

That’s because it is becoming a good example of a low-code solution that can be configured to meet real-world business tasks that can also scale up to deal with more complex demands. We know low-code and no-code environments will become increasingly popular across enterprise IT, particularly as demand for developers continues to grow. Reflecting this, Gartner claims the low/no-code market will be worth around $13.8 billion this year.

In part, this is because these kinds of options enable businesses to quickly build and deploy solutions to respond to changing needs without competing for (expensive) developer time. In part, relatively frictionless yet powerful development environments match the expectations of Millennials and Generation-Z employees. The idea is you scale up when you need to, but most routine tasks should be easy to automate.

“Globally, most large organizations will have adopted multiple low-code tools in some form by year-end 2021,” said Fabrizio Biscotti, research vice president at Gartner. “In the longer term, as companies embrace the tenets of a composable enterprise, they will turn to low-code technologies that support application innovation and integration.”

It is in this context that Claris’ move to embrace Apple’s Shortcuts tech matches emerging business needs. It also suggests that Shortcuts itself should evolve as a business-focused solution, serving more than primarily consumer needs.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Apple this week released a Safari Technology Preview update that among changes appears to address a problem that surfaced with its new MacBook Pro laptops and ProMotion adaptive refresh display software.

The problem came to light when owners of the laptops — which were just unveiled last month — began using Firefox, Chrome, and even Apple’s own Safari browser on the MacBook Pro. They found scrolling was anything but smooth, despite the higher refresh rates offered by the new hardware.

Apple’s release notes for Safari Technology Preview 135 say it has addressed “lazy image loading, and updated smooth scroll animations to run at 120Hz on 120Hz displays.”

The issue cropped up quickly on user forums at MacRumors; the purported fix in Safari Technology Preview 135 was noted initially by 9to5 Mac.

First, a little background on how the issue has unfolded.

Last year, Apple introduced a major software change in support of the launch of its own M1 ARM-based silicon (The company is phasing out the use of Intel’s x86 processors.) Programs running on the new ARM-based silicon relied on an emulation layer until developers could update their code. (An emulation layer simulates the x86 architecture, so the CPU, file system and system information functions are all virtualized.)

This year, on Oct. 18, Apple launched the new 14- and 16-in MacBook Pros running  macOS Monterey. One of big features in the new laptops is a new Mini-LED-based display offering more vibrant colors and a 120Hz refresh rate through Apple’s ProMotion adaptive technology.

ProMotion was initially launched in 2017 on the iPad Pro, and is now offered on the iPhone 13 Pro. The technology enabled adaptive refresh rates that would adjust to the responsiveness needed by applications. The promise ProMotion’s 120Hz refresh rate on the new MacBook Pro was improved responsiveness and smoother scrolling.

After the MacBook Pro launch, however, it appeared that some front-line applications, including Apple’s own Safari browser, didn’t support the new refresh rate via ProMotion. Users began complaining that scrolling was running at 60Hz, creating a jerky experience when navigating through web pages. (ProMotion works for other features such as minimizing windows or moving them around the desktop.)

Apple’s Safari Technology Preview is designed to provide users with an experimental version of the browser aimed at developers; their feedback weighs into what features the final version will have.

The release of the latest version of Safari Technology Preview prompted a new round of complaints from MacRumors users that the scrolling issue remains unfixed.

Because the process for vetting software updates via the Preview program will likely take time, it’s unclear when the regular release version of Safari will get the changes designed to bring full ProMotion support.