In part I of this post, we covered some of the new iOS 7 features and how they’ll affect your business. Specifically, we went over true multitasking, AirDrop, and Auto Updates. These three features will give developers more flexibility and allow users to operate more efficiently. They will allow your apps to scale better, especially in cases of consumer-facing solutions. On the flip side, there are also some security and data-sprawl issues to work through. Nevertheless, Apple has taken feedback from its enterprise clients to heart and put together a feature set more in-tune with modern professional requirements, continuing with:
Apple has stepped up their external security protocols with Activation Lock. Now, if your phone is lost or stolen, the thief cannot simply turn off “Find My iPhone”—that now requires encrypted iCloud credentials. Furthermore, the thief cannot simply erase everything on the phone and start using it because that too requires iCloud authorization. Finally, if you lose your phone and choose to wipe it remotely, it cannot be reactivated without your aforementioned credentials. This is an important development as both a theft deterrent as well as a corporate security safeguard.
“OPEN IN” MANAGEMENT
One of the best ways your IT department can protect corporate data comes by way of “Open in” management. You can now control which apps and accounts your employee’s iPhones open documents and attachments with. If you deploy custom-built apps to your workforce’s mobile devices that your employees are supposed to use, you can ensure any work-specific documents you send them are opened within that app(s) (as opposed to a third party app of their choosing). It keeps work documents in corporate apps while also preventing personal documents form being opened in managed apps. This is great for your security concerns and great for your employees’ ability to keep work and private documents separate.
PER APP VPN
VPN stands for “virtual private network,” and it’s an important tool for ensuring corporate data security. VPN’s allow companies to set up encrypted, direct access channels to their intranet from external sources. So, instead of your data flowing freely through your internet service provider’s network, you create an encrypted, private connection within that network such that no one can intercept what you’re sending between two devices or two networks connected via VPN.
Why this matters for you is that you can now establish which individual apps automatically connect to VPN when they are launched. This feature gives your security team absolute control over your corporate intranet and who and what has access. Most importantly, it ensures that data transmitted by managed apps (read custom enterprise apps) only travels through VPN. And as an added bonus, other data, like an employee’s personal web browsing, does not.
ENTERPRISE SINGLE SIGN ON (SSO)
SSO allows individual user credentials to work across all protected apps. This is great because IT departments can now implement security across every managed app deployed without forcing users to log into every single app individually. The individual user can simply sign on once, and every managed app will use those credentials across the board. You can also set up granular control over user credentials such that users have access to certain things in specific apps whereas they have a different level of access in others. Each app configured with SSO verifies user permissions for enterprise resources and grants authorized access accordingly. Apple has encouraged more secure behavior yet made it easier to comply from an individual perspective.
Regardless of whether or not you love the U/I redesign, enterprise clientele ought to be enthusiastic about the feature upgrades outlined in parts I & II of this post. It truly gives IT departments better control of corporate data and managed apps while allowing users to be more efficient and compliant with corporate data policies. Apple is serious about supporting enterprise usage and these features prove just that.