Menu
Are the new Apple MacBook Pros enterprise ready?

Are the new Apple MacBook Pros enterprise ready?

What do IT teams need to do to prepare their environment for these new devices?

Apple finally refreshed its MacBook Pro line-up in August this year with a 13 and 15-inch version of the high performance laptop.

It's the highest performing machine yet from Apple and comes with a redesigned keyboard and stunning graphics display.

As research from Apple IT management specialists Jamf shows, 52 per cent of enterprise organisations now allow employees to choose their own computers, and those employees are increasingly turning to Apple, with 72 per cent choosing Mac devices - Jamf surveyed 580 companies globally for the research.

Sister publication Tech Advisor gave the laptop four out of five stars and there will be plenty of Apple enthusiasts looking to get their hands on them. So, what do IT teams need to do to prepare their environment for these new devices?

Security

The place to start when talking about these machines in an enterprise environment is Apple's proprietary T2 chips.

These promise "a Secure Enclave coprocessor that provides the foundation for secure boot and encrypted storage capabilities," the vendor stated on its website. "It also consolidates many discrete controllers, including the system management controller, audio controller, and SSD controller, into one."

The chip essentially ensures all data stored on the solid-state drive (SSD) is automatically encrypted. Through FileVault, file encryption is tied to a specific Mac, meaning even if a thief gets their hands on the SSD they won't be able to extract anything from it.

This does mean that good data back-up practice is imperative for any MacBook pro user, because a hardware failure could mean all data on that device becomes immediately lost.

This level of performance and security could easily appeal to teams or whole departments within enterprise organisations though, especially in research or creative fields.

Deployment

Any IT teams looking to bring the new MacBook Pro into their environment should be aware that these are the first MacBooks to not support Apple's NetBoot/NetInstall functionality.

Since the Mac OS X 10.7 "Lion" release Apple has been shifting away from this time consuming deployment method towards the Mobile Device Management (MDM) model.

Through Apple's Device Enrollment, IT admins can automate all iOS devices (including Macs) to be enrolled on an organisation's MDM solution of choice, giving the ability to apply consistent settings, apps, access and restrictions as standard.

This method also means that machines are ready to go the second a new user logs into their new machine.

The beauty of this is that the new MacBook Pros should slot into an existing IT framework pretty easily if your organisation is running an Enterprise Mobility Management programme through someone like Jamf or even Microsoft.

However if you are still running an older, server-based model which relies on manual imaging these new machines could cause a bit of a headache.

For example: the new T2 chips come with a secure boot sequence, the default setting of which is "full security mode”.

As Dave Hornby, UK systems engineer at Jamf, told Computerworld UK via email, this means "with full security mode selected any software loaded at boot up (for example the OS itself) needs an internet connection, and to be verified with Apple.

"That last point should set alarm bells ringing for organisations deploying Apple at scale using old fashioned provisioning methods like booting from external drives, or the network to pull down a monolithic “cloned" disk image," he added.

"By the very nature of these two methods, there is no verification with Apple for the integrity of the OS, that the T2 chip requires for the secure boot sequence."

In short this is just another reason why Apple recommends against monolithic imaging methods.

"The last thing organisations should be doing is trying to reverse engineer the process and continue with trying to achieve old imaging techniques," Hornby recommended.

"At the very least, if organisations cannot for whatever reason enrol into DEP, an MDM platform should be looked at for basic management tasks, like remote wiping, remote locking, and disk encryption configurations."

So, all in all these new laptops will certainly appeal to certain enterprise users, and IT teams running a modern MDM platform should have no problems deploying them.

For us, this makes the new MacBook Pro enterprise ready, but only for those organisations that are already on that MDM journey.

(Reporting by Scott Carey, Computerworld UK)


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Apple

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments