iOS 12.2 Changes the way EMM enrolments are performed

Apple will soon release a change in the way non-DEP iOS devices are enrolled into EMM platforms. These changes were first tested in iOS 12.1.3 beta late last year and will soon be introduced in the iOS 12.2 public release.

Apple is making this change in iOS 12.2 “in order to improve the platform security by reducing misleading profile installations.”

This new workflow will affect all EMM vendors and impacts the initial enrollment of BYOD devices in EMM. EMM vendors are working on providing explicit information within their applications/enrolment flows to make it as clear as possible what an end user needs to do; the main change is that the browser will no longer redirect an end user automatically to Settings in order to install a MDM profile, instead end users need to do this manually by coming out of the EMM app and navigating to Settings in order to install the profile. Installation is timed, and will eventually expire.

This change does not affect the enrolment of DEP-enabled iOS devices, only those enrolled manually to the EMM console.

In order to be prepared for this upcoming change you need to:

  1. Test iOS 12.2 beta to see if you find any issues with this new workflow. At this time (February 20th) we are in iOS 12.2 beta 3
  2. Get in touch with your EMM vendor to see what plans they have to change the wording in the application for a better user experience
  3. Keep your end user documentation updated to better navigate this change
  4. Keep an eye open or contact your Apple representative for an official release date of iOS 12.2

My take on this is that with this change Apple is improving the overall iOS platform security by:

  • Giving end users the option to “inspect the details of the profile and install it”
  • Automatically deleting uninstalled profiles after 8 minutes

These benefits come with a cost; organizations will face challenges with the BYOD enrollment process, so should organisations provide corporate-owned devices for employees, they must seriously take into consideration Apple Business Manager and DEP to avoid future complications.

Discuss this article on MobilePros!

Jump straight to the iOS channel for members:

Or click below to join our community:

An Introduction

Hi, thanks for stopping by!

We’re Mobile Pros, a community of experts in the field of enterprise mobility, digital transformation, mobile security and unified endpoint management. Our members come from all walks of life and boast a breadth of knowledge on the various technologies within our industry.

Why do we exist?

Mobile Pros was founded with the intention of bringing a fragmented community together into one central hub, where vendors co-exist, advice and technical support can be provided by hundreds of experts, solutions to problems can be achieved quickly and efficiently, and with so many industry leaders in one place, all members benefit from new developments and announcements as they break.

How do we communicate?

Our primary means of communication is through our slack group where we have a number of channels covering almost every well-known solution and platform on the market! The group is almost always active, and our channel list grows with demand.

What’s in store?

Our website will develop into a hub of useful information contributed by our members, from written guides to useful resources, videos, maybe even a Mobile Pros podcast in future also! We’ll take the best content from our community and present it here for the benefit of anyone who needs it.

Are you a current or prospective member looking to contribute? Join us and use one of the introductory or meta channels to pitch your idea!

We can’t wait to get started!

See you around!

Jason & Eric, MobilePros founders.