Posted on

iOS7 Technical reference guide. | Official Blog of Onefruit

Apple has released a new iOS 7 Deployment Guide on its business website. It is worth a read if you manage iOS devices. You can download it here.

This guide is for IT administrators who want to support iOS devices on their networks. It provides information about deploying and supporting iPhone, iPad, and iPod touch in a large-scale organization such as an enterprise or education institution. It explains how iOS devices provide comprehensive security, integration with your existing infrastructure, and powerful tools for deployment.
Understanding the key technologies supported in iOS will help you implement a deployment strategy that provides an optimal experience for your users. The following chapters serve as a technical reference you can use when deploying iOS devices throughout your organisation.

Posted on

Apple’s BYOD Philosophy

Rich at Securosis

Apple has a very clear vision of the role of iOS devices in the enterprise. There is BYOD, and there are enterprise-owned devices, with nearly completely different models for each. The owner of the device defines the security and management model.

On employee owned devices:

  • The enterprise sends a configuration profile that the user can choose to accept or decline.
  • If the user accepts it, certain minimal security can be required, such as passcode settings.
  • The user gains access to their corporate email, but cannot move messages to other email accounts without permission.
  • The enterprise can install managed apps, which can be set to only allow data to flow between them and managed accounts (email). These may be enterprise apps or enterprise licenses for other commercial apps. If the enterprise pays for it, they own it.
  • The user otherwise controls all their personal accounts, apps, and information on the device.
  • All this is done without exposing any user data (like the user’s iTunes Store account) to the enterprise.
  • If the user opts out of enterprise control (which they can do whenever they want) they lose access to all enterprise features, accounts, and apps. The enterprise can also erase their ‘footprint’ remotely whenever they want.
  • The device is still tied to the user’s iCloud account, including Activation Lock to prevent anyone, even the enterprise, from taking the device and using it without permission.

On enterprise owned devices:

  • The enterprise controls the entire provisioning process, from before the box is even opened.
  • When the user first opens the box and starts their assigned device, the entire experience is managed by the enterprise, down to which setup screens display.
  • The enterprise controls all apps, settings, and features of the device, down to disabling the camera and restricting network settings.
  • The device can never be associated with a user’s iCloud account for Activation Lock; the enterprise owns it.
Posted on

Managed Distribution Volume Purchase Program

Enterprise iOS has discovered that Apple has launched its “Managed Distribution” system for the App Store Volume Purchase Program (VPP). Apple announced the program with iOS 7.

Managed Distribution will allow VPP users to “revoke and reassign apps to different users through MDM, so your organisation retains full ownership and control of purchased apps”. Good news for VPP customers. No longer will your app licences leave with your ex-employees or students.

Apple has also updated it’s VPP websites and guides.

Business VPP Website

Business VPP Guide

Eduction VPP Website

Eduction VPP Guide

Posted on

iOS 7.0.3 – Bug fixes and iCloud Keychain

iOS 7.0.3 - Bug fixes
iOS 7.0.3 – Bug fixes

Apple has released iOS 7.0.3 for all iOS 7 devices. It includes support for iCloud Keychain which was introduced in Mavericks and many bug fixes. Most importantly, the bug that “could cause supervised devices to become un-supervised when updating software”. Good news for education users.


Release notes:

This update contains improvements and bug fixes, including:

  • Adds iCloud Keychain to keep track of your account names, passwords, and credit card numbers across all your approved devices
  • Adds Password Generator so Safari can suggest unique, hard-to-guess passwords for your online accounts
  • Updates lock screen to delay display of “slide to unlock” when Touch ID is in use
  • Adds back the ability to search the web and Wikipedia from Spotlight search
  • Fixes an issue where iMessage failed to send for some users
  • Fixes a bug that could prevent iMessage from activating
  • Improves system stability when using iWork apps
  • Fixes an accelerometer calibration issue
  • Addresses an issue that could cause Siri and VoiceOver to use a lower quality voice
  • Fixes a bug that could allow someone to bypass the Lock screen passcode
  • Enhances the Reduce Motion setting to minimize both motion and animation
  • Fixes an issue that could cause VoiceOver input to be too sensitive
  • Updates the Bold Text setting to also change dial pad text
  • Fixes an issue that could cause supervised devices to become un-supervised when updating software


Posted on

iOS 7 App licensing | Enterprise advantage | Official Blog of Onefruit

One of the biggest iOS 7 advances for enterprise environments is Apple’s new volume licensing model. The new model is a massive step forward and arguably is the most significant enterprise advance that Apple has made in iOS 7. It also has the potential to be a huge competitive advantage over Android in business environments.

From an administrator’s perspective, the new model works very similar to what’s been around for decades – single source software licensing coupled with network-based deployment tools. From a user perspective, it’s extremely similar to the consumer App Store system.

great article by Ryab Fass on the new iOS 7 app licensing for enterprise. 


Posted on

iOS Automatic Web filtering

In all the hype of iOS 7; One feature that could be big for schools, got very over looked. iOS 7 now includes a feature called automatic web filtering. Web filtering allows schools or parents to block adult related content on iOS devices.

The web filtering happens at a very low-level in the iOS operating system which means not only will it work for Safari, but any other 3rd party apps get filtered too.

The filter does seem to be very zealous with it’s filtering but if it’s an issue for your school or child, then it’s better then nothing.

How to activate web filtering in iOS 7

Under “Settings > Restrictions > Allowed Content > Websites” you can find the option to “Limit Adult Content”. This will try and automatically filter out adult content. With the automatic filter on, you still have the option to white and blacklist certain website from this setting page or when you hit a blocked website (your restrictions passcode is need).  

IT administrators can also deploy web filtering in their Configuration Profile through Apple Configurator or MDM.

Posted on

iOS7 for Schools and Businesses | Official Blog of Onefruit

Unless you have had your head in the sand for the last few months, you might of noticed that Apple has released they latest iOS operating. iOS 7 is the latest software update from Apple compatible with all current iPad 2, iPad with Retina display, iPad mini and iPod Touch 5th generation devices, as well as any iPhone 4 or later.

Looking beyond the new colourful UI; iOS 7 is a major upgrade for MDM (mobile device management) education and corporate customers.

Many companies and education institutes, rely on MDM’s to secure and push apps to iPhones and iPads. With iOS 7, Apple is offering MDM customers more control over devices and app ownership then ever before.

A number of MDM’s have already announced day-one support for iOS 7, including Maas360, AirWatch and JAMF’s Casper.

It’s quite incredible how far Apple has come in the enterprise market that was once ruled by BlackBerry. BlackBerry is now just a shadow of its former self, being sold off for $4.7 billion or about what Apple made on iPhone 5c/5s sales in the first weekend.

Apple Store Volume Purchasing Program (VPP) in iOS 7

Even with the launch of the Volume Purchasing Program 2 years ago, buying and assigning apps has still been a pain.

Deploying apps in the layered ownership model meant users would not have the ability to update apps without the corporate Apple ID password or re-syncing with Apple Configurator. If you went down the Personal model. You would have needed to ‘gift’ the apps to the user. If the student or employee left, the app and its cost left with them.

Under iOS 7, MDM’s can now assign VPP licenses to users. When a user leaves, the school or business can revoke the licence and resign it to another user. This works by placing the app in the user’s personal purchase history, allowing them to download updates without needing the corporate Apple ID password. When an app is revoked, the user is given 30 days to purchase the app themselves before the app stops opening. This also works for iBook books.

Per-App VPN in iOS 7

Now IT administrators can configure which apps go down your VPN. This means, only the apps that need access to your corporate network will use the VPN. No longer will your VPN be full of users trying to upload Instagram photos of their lunch.

Free iWork

All new devices now come with Apple’s iWork and iLife suite for free. This includes Pages, Keynote, Numbers, iMovie and iPhoto apps. That’s a saving of over £27 per device!

Caching Server 2 supports iOS 7

In the upcoming release of OS X Mavericks Server, Caching Server 2 supports iOS 7. Caching Server 2 works by caching) purchased content from the App Store, iTunes Store and iBooks Stores on OS X Mavericks Server. This means your users get faster downloads of all their content, including software updates without taking up all your internet bandwidth. Instead of downloading an iOS update for every user (which could be as big as 1GB), the Caching Server only downloads the data once and distributes that to users over the local network.

Apple TV MDM

The Apple TV has become very popular outside of the living room. They offer a convenient method for users to display content from their iPad to a TV or projector screen wirelessly. For anyone who has every been tasked with setup up multiple Apple TVs, you will share in my pain. Entering those WiFi codes with that little remote! Luckily Apple is streamlining this process with iOS 7 by letting you enrol your Apple TVs into your MDM.

 Bulk mutiple device deployment for events

Managed ‘Open in’

No longer can you accidental tweet your companies latest sales figures! When you open a file on a iOS device, you are presented a screen called the “Share Sheet”. This lists all the apps that can accept that file type, e.g Open document in Pages or Share image to Facebook. IT administrators now have control over which apps can process corporate data. This works for both apps and email accounts which means the users personal apps and email, work as normal. So don’t worry, you can still share those photos from the company party!

Open in screen, multiple media partners

Moovweb have created a great parody of Apple’s latest iOS and iPhone event.

Onefruit offer a wide range of USB charge and sync stations to help IT administrators upgrade multiple iPads to iOS 7. Learn more about our iPad charging stations.