In fact, Apple’s upcoming mobile iOS 7, scheduled to be released to the general public this spring, is chock-full of great stuff for companies. The release will surely please the growing mass of BYOD (bring your own device) employees who will be able to enjoy the native iPhone experience whether they’re using the phone for personal or business use.
“There is so much for the enterprise in this release, across lines of business, in education, healthcare and retail scenarios,” says Blake Brannon, senior product engineer at AirWatch, a mobile device management (MDM) vendor. “It’s as innovative as we’ve seen from Apple since the original MDM in iOS 4. It opens up ways of using these devices that previously were just not possible.”
The reason for Brannon’s high praise for iOS 7 ranges from new technical features to enhancements to volume-purchasing policies. It’s also a strategic change from Android’s containerisation model for serving the BYOD crowd, he says.
Here Brannon shares his take on iOS 7 in the enterprise:
What features are you most excited about?
Blake Brannon: On the BYOD front, there are things like per-app-VPN and ‘Open in’ management, which helps you leverage native apps to get a native, user-rich experience [for your app], but gives you the BYOD kind of protection and privacy that you need to restrict and separate work from play.
It provides the industry with a new way of thinking about containerisation and separation of work and personal data. In the past 12 months, the industry has been shifting towards containerisation. But iOS 7 is a different perspective that gives what the enterprise wants, in terms of protection of data, and what the employee wants, which is the native experience.
The streamlined enrolment process changes the out-of-box experience for setting up and managing these devices. It allows you to not have to build processes around staging and provisioning these devices, because you can really push it out to the end users to do themselves. Resetting the device to reuse it is as simple as issuing a wipe command from the Airwatch MDM tool.
In addition, the volume-purchase program changes how licensing works for mobile apps. Companies have been struggling for the past few years with the model that’s been in place, because of tax reasons, legal reasons, buying in different countries.
What are those changes?
Brannon: It’s basically around the ability to issue application licences to the devices and for the company to continue to own those.
The model in the past has been pushing apps to a user’s device, in conjunction with pushing that licence to the employee, and the employee kept and retained that license. If the employee left the organisation as part of the BYOD, they would keep that software, which brought forth tax implications, in terms of gifting software to people and things like that. It was just a little bit of a nightmare.
The new model allows the company to retain ownership of that licence and to remove it from the employee’s personal phone when they leave the organisation.
Any BYOD features in iOS 7 flying under the radar?
Brannon: There’s a tonne around what Apple calls ‘supervised devices’. There are several advanced features that allow you to have more robust control over devices. These primarily work more for corporate-owned devices than BYOD.
I am under [non-disclosure agreement], so I’m trying to be cautious about what information is public and what is not. A new feature is setting up things like printers or aeroplane destinations for the device. So, for example, you can lock down a device so that it mirrors to a certain Apple TV in a retail store or a student in a classroom. It allows you to deploy those devices, but still have the control to prevent tampering or use outside of the role they’re intended to be used for.
Is there anything missing in iOS 7?
Brannon: There are always features on the [wish list]. The one that sometimes comes up is around operating system control. In the grand scheme of things, it’s not really a feature you’re going to use, especially in BYOD. But being able to prevent or enforce the OS version sometimes is a scenario for line-of-business devices. That’s not necessarily something we saw in iOS 7.
Does iOS 7 reduce Airwatch’s value proposition?
Brannon: I get this question a lot. Absolutely not. [What] Apple builds around these features are really APIs (application programming interfaces) that are dependent upon MDM to enable. Just because they create an API that allows you to control ‘open with’ doesn’t mean that the feature is turned on without a management tool. If anything, all of these new features grow our business and expand our market scope, in terms of the ability to manage different devices for different scenarios.
Is iOS 7 way ahead of the game, in comparison to Android?
Brannon: iOS 7 allows you to do BYOD in more of a native experience on the device, whereas the Android path is built around doing BYOD in a containerised way.
There are absolutely manufacturer-specific APIs that allow you to do native mail client, native policies on select manufactured Samsung HTC, Motorola-type devices. But as a whole on the Android front, you’re seeing a little more adoption around BYOD containerisation.
It’s a philosophical divide in some scenarios. In some cases, people want [containerisation] because it feels more separate, more isolated. Other people feel it’s hindering and makes them less productive. They’d rather see work and personal calendars and contacts integrated.
On the technology side, the Android operating system doesn’t have an MDM engine and containerisation logic built into the OS the way that iOS does. Vendors like Airwatch have been able to build MDM logic and containerisation through application-level configurations and specific APIs to the operating system that they’ve gotten from specific manufacturers.
by Tom Kaneshige, CIO (US)