Apple @ Work is brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that fully integrates 5 different applications on a single Apple-only platform, allowing Businesses and Schools to easily and automatically deploy, manage & protect all their Apple devices . Over 32,000 organizations leverage Mosyle solutions to automate the deployment, management and security of millions of Apple devices daily. Request a FREE account today and discover how you can put your Apple fleet on auto-pilot at a price point that is hard to believe.
There’s always been a balance between patching macOS and iOS devices quickly when Apple releases software updates with trying to avoid interrupting a user when they’re working. With iOS 16 and macOS Ventura, Apple is enabling a new technology that will enable IT administrators to quickly patch machines outside of the normal software update schedule. This week for Apple @ Work, I want to look at Apple’s Rapid Security Response enhancements in iOS 16 and macOS Ventura.
About Apple @ Work: Bradley Chambers managed an enterprise IT network from 2009 to 2021. Through his experience deploying and managing firewalls, switches, a mobile device management system, enterprise-grade Wi-Fi, 100s of Macs, and 100s of iPads, Bradley will highlight ways in which Apple IT managers deploy Apple devices, build networks to support them, train users, stories from the trenches of IT management, and ways Apple could improve its products for IT departments.
Although it’s not an enterprise-only feature, Rapid Security Response could be one of the most important enterprise upgrades in this year’s roundup of software enhancements. With Rapid Security Response, important software updates that don’t modify the firmware can be installed without requiring a reboot or end-user interaction. If you’re running the beta versions of iOS 16, iPadOS 16, or macOS Ventura, you can view the setting under the Automatic Updates tab. You’ll notice the option for Install System and Data Files.
How will Rapid Security Response work for supervised devices?
I firmly believe that Rapid Security Response will be a critical way that Apple can patch Macs and iPads against zero-day security threats in the future. When a threat is discovered, Apple can develop the patch and quickly ship it to millions of devices.
When the fall software releases are public, IT administrators will have control over if their devices use Rapid Security Response, and if end users can block the removal of it.
- allowRapidSecurityResponseInstallation – This control will disable Rapid Security Response. It appears that the feature will be enabled by default, so IT administrators should use this command if they want to disable it. I agree with Apple’s decision to enable it by default, but I do applaud them for allowing granular control. In certain environments, IT administrators will need control for each and every update
- allowRapidSecurityResponseRemoval – This control will determine if end users can remove the Rapid Security Response option on iOS or macOS. For the same reason that some IT administrators will want granular control on removing it, others will want to force it on as it could limit zero-day threats hitting your fleet of machines in the future
To recap, updates installed by Rapid Security Response won’t modify the firmware and won’t require a reboot of the device. These updates won’t follow the normal Software Update delivery policies that you implement via your mobile device management system as well.
Author: Bradley Chambers
Source: 9TO5Google