Apple Business Essentials
Apple (Tim Cook, MacRumors, Hacker News):
Apple today announced Apple Business Essentials, an all-new service that brings together device management, 24/7 Apple Support, and iCloud storage into flexible subscription plans for small businesses with up to 500 employees. The company also unveiled a new Apple Business Essentials app that enables employees to install apps for work and request support.
[…]
Within Apple Business Essentials, Collections enable IT personnel to configure settings and apps for individual users, groups, or devices. When employees sign in to their corporate or personally owned device with their work credentials, Collections automatically push settings such as VPN configurations and Wi-Fi passwords. In addition, Collections will install the new Apple Business Essentials app on each employee’s home screen, where they can download corporate apps assigned to them, such as Cisco Webex or Microsoft Word.
[…]
When a business adds AppleCare+ for Business Essentials to its plan, they get 24/7 access to phone support, training for both IT administrators and employees, and up to two device repairs per plan each year.
The subscription plan uses device-management features Apple introduced in iOS/iPadOS 15 and macOS Monterey, and is in a free beta test beginning Wednesday and lasting through next spring. Per-user pricing will start at $2.99 per month and increase based on the number of devices and amount of iCloud storage allotted to individual users.
Company IT managers can administer users on an Apple-hosted web interface, and then instruct their users to log in with a company-assigned Apple ID. Managers can enforce certain security policies and distribute apps (via the new Apple Business Essentials app). On personal devices, corporate-based data and personal data are kept cryptographically separate.
Unless I’m misreading this, Apple is entering the same market as Jamf and Kandji (editor’s note: both are previous sponsors at DF) and the other MDM companies that specialize in Apple devices. I’m curious what they mean by “backup” here, because iCloud only does backup for iOS devices. Does this program somehow back up Macs to iCloud, or, is Apple just pretending like that’s not a problem?
Regarding Apple’s release of a subscription service for small businesses today, the addressable market is 212 million world-wide with about 30 million in the US alone. Apple’s attack from below is well underway.
Update (2021-11-12): Armin Briegel:
It looks as if ABE uses MDM commands only, with no local agent other than a “Apple Business Essetials” self-service app. This is standard for iOS and iPadOS, but will make the management options for Macs very limited. For many MacAdmins this will disqualify ABE for “serious” Mac management.
Keep the target audience in mind, though. For many organizations managing iPhones and iPads in business will be the main benefit of ABE and enforcing some management settings on the Macs will be a nice bonus. After all, even the little management possible with MDM commands will be better than no management at all.
[…]
Apple is targeting the “low-end” for device management. They are competing less with Jamf Pro and Workspace One, and more with Jamf Now, SimpleMDM, Mosyle Business, Kandji and Addigy. But when you look at the feature set, Apple’s cannot really compete with any of these, but they provide a minimal or, well, “essential” step up from “no management.” It’ll be up to the vendors to provide features and value above this new, essential, base line.
Overall, I think this is an exciting and promising announcement. There is also the hope, that since Apple is now building and selling their own management system*, this will result in improvements to the MDM protocol and Apple platform management for all.
4 Comments RSS · Twitter
Still hoping for a more comprehensive backup story.
Apple entering the MDM market was inevitable. They'll hopefully be a good non-sherlocking citizen: give third parties a level playing field, and don't try to address specialized concerns; other players exist for that.
I wonder where this puts Fleetsmith, which is partially agent-managed? Hopefully it means more capability forthcoming in the MDM machinery.
If I could choose, I'd self-host. I'm too small to do that (needs DEP and APNS client cert at cost), so I'd have to use a native hosted MDM solution like SimpleMDM, instead, that lets me bring in other tools for the mucky bits, with self-service enrol. (macOS Server isn't practical with other public web servers on a single public IP address without a lot of fugly and flaky reverse-proxy hackery. It is also, frankly, perfectly horrible as a server in any case, and seems to be basically abandonware used as a kind of public reference.)