Are the new Apple MacBook Pros enterprise ready?

Are the new Apple MacBook Pros enterprise ready?

What do IT teams need to do to prepare their environment for these new devices?

Apple finally refreshed its MacBook Pro line-up in August this year with a 13 and 15-inch version of the high performance laptop.

It's the highest performing machine yet from Apple and comes with a redesigned keyboard and stunning graphics display.

As research from Apple IT management specialists Jamf shows, 52 per cent of enterprise organisations now allow employees to choose their own computers, and those employees are increasingly turning to Apple, with 72 per cent choosing Mac devices - Jamf surveyed 580 companies globally for the research.

Sister publication Tech Advisor gave the laptop four out of five stars and there will be plenty of Apple enthusiasts looking to get their hands on them. So, what do IT teams need to do to prepare their environment for these new devices?


The place to start when talking about these machines in an enterprise environment is Apple's proprietary T2 chips.

These promise "a Secure Enclave coprocessor that provides the foundation for secure boot and encrypted storage capabilities," the vendor stated on its website. "It also consolidates many discrete controllers, including the system management controller, audio controller, and SSD controller, into one."

The chip essentially ensures all data stored on the solid-state drive (SSD) is automatically encrypted. Through FileVault, file encryption is tied to a specific Mac, meaning even if a thief gets their hands on the SSD they won't be able to extract anything from it.

This does mean that good data back-up practice is imperative for any MacBook pro user, because a hardware failure could mean all data on that device becomes immediately lost.

This level of performance and security could easily appeal to teams or whole departments within enterprise organisations though, especially in research or creative fields.


Any IT teams looking to bring the new MacBook Pro into their environment should be aware that these are the first MacBooks to not support Apple's NetBoot/NetInstall functionality.

Since the Mac OS X 10.7 "Lion" release Apple has been shifting away from this time consuming deployment method towards the Mobile Device Management (MDM) model.

Through Apple's Device Enrollment, IT admins can automate all iOS devices (including Macs) to be enrolled on an organisation's MDM solution of choice, giving the ability to apply consistent settings, apps, access and restrictions as standard.

This method also means that machines are ready to go the second a new user logs into their new machine.

The beauty of this is that the new MacBook Pros should slot into an existing IT framework pretty easily if your organisation is running an Enterprise Mobility Management programme through someone like Jamf or even Microsoft.

However if you are still running an older, server-based model which relies on manual imaging these new machines could cause a bit of a headache.

For example: the new T2 chips come with a secure boot sequence, the default setting of which is "full security mode”.

As Dave Hornby, UK systems engineer at Jamf, told Computerworld UK via email, this means "with full security mode selected any software loaded at boot up (for example the OS itself) needs an internet connection, and to be verified with Apple.

"That last point should set alarm bells ringing for organisations deploying Apple at scale using old fashioned provisioning methods like booting from external drives, or the network to pull down a monolithic “cloned" disk image," he added.

"By the very nature of these two methods, there is no verification with Apple for the integrity of the OS, that the T2 chip requires for the secure boot sequence."

In short this is just another reason why Apple recommends against monolithic imaging methods.

"The last thing organisations should be doing is trying to reverse engineer the process and continue with trying to achieve old imaging techniques," Hornby recommended.

"At the very least, if organisations cannot for whatever reason enrol into DEP, an MDM platform should be looked at for basic management tasks, like remote wiping, remote locking, and disk encryption configurations."

So, all in all these new laptops will certainly appeal to certain enterprise users, and IT teams running a modern MDM platform should have no problems deploying them.

For us, this makes the new MacBook Pro enterprise ready, but only for those organisations that are already on that MDM journey.

(Reporting by Scott Carey, Computerworld UK)

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Apple



How MSPs can capitalise on integrating AI into existing services

How MSPs can capitalise on integrating AI into existing services

​Given the pace of change, scale of digitalisation and evolution of generative AI, partners must get ahead of the trends to capture the best use of innovative AI solutions to develop new service opportunities. For MSPs, integrating AI capabilities into existing service portfolios can unlock enhancements in key areas including managed hosting, cloud computing and data centre management. This exclusive Reseller News roundtable in association with rhipe, a Crayon company and VMware, focused on how partners can integrate generative AI solutions into existing service offerings and unlocking new revenue streams.

How MSPs can capitalise on integrating AI into existing services
Access4 holds inaugural A/NZ Annual Conference

Access4 holds inaugural A/NZ Annual Conference

​Access4 held its inaugural Annual Conference in Port Douglass, Queensland, for Australia and New Zealand from 9-11 October, hosting partners from across the region with presentations on Access4 product updates, its 2023 Partner of the Year awards and more.

Access4 holds inaugural A/NZ Annual Conference
Show Comments