Menu
Are the new Apple MacBook Pros enterprise ready?

Are the new Apple MacBook Pros enterprise ready?

What do IT teams need to do to prepare their environment for these new devices?

Apple finally refreshed its MacBook Pro line-up in August this year with a 13 and 15-inch version of the high performance laptop.

It's the highest performing machine yet from Apple and comes with a redesigned keyboard and stunning graphics display.

As research from Apple IT management specialists Jamf shows, 52 per cent of enterprise organisations now allow employees to choose their own computers, and those employees are increasingly turning to Apple, with 72 per cent choosing Mac devices - Jamf surveyed 580 companies globally for the research.

Sister publication Tech Advisor gave the laptop four out of five stars and there will be plenty of Apple enthusiasts looking to get their hands on them. So, what do IT teams need to do to prepare their environment for these new devices?

Security

The place to start when talking about these machines in an enterprise environment is Apple's proprietary T2 chips.

These promise "a Secure Enclave coprocessor that provides the foundation for secure boot and encrypted storage capabilities," the vendor stated on its website. "It also consolidates many discrete controllers, including the system management controller, audio controller, and SSD controller, into one."

The chip essentially ensures all data stored on the solid-state drive (SSD) is automatically encrypted. Through FileVault, file encryption is tied to a specific Mac, meaning even if a thief gets their hands on the SSD they won't be able to extract anything from it.

This does mean that good data back-up practice is imperative for any MacBook pro user, because a hardware failure could mean all data on that device becomes immediately lost.

This level of performance and security could easily appeal to teams or whole departments within enterprise organisations though, especially in research or creative fields.

Deployment

Any IT teams looking to bring the new MacBook Pro into their environment should be aware that these are the first MacBooks to not support Apple's NetBoot/NetInstall functionality.

Since the Mac OS X 10.7 "Lion" release Apple has been shifting away from this time consuming deployment method towards the Mobile Device Management (MDM) model.

Through Apple's Device Enrollment, IT admins can automate all iOS devices (including Macs) to be enrolled on an organisation's MDM solution of choice, giving the ability to apply consistent settings, apps, access and restrictions as standard.

This method also means that machines are ready to go the second a new user logs into their new machine.

The beauty of this is that the new MacBook Pros should slot into an existing IT framework pretty easily if your organisation is running an Enterprise Mobility Management programme through someone like Jamf or even Microsoft.

However if you are still running an older, server-based model which relies on manual imaging these new machines could cause a bit of a headache.

For example: the new T2 chips come with a secure boot sequence, the default setting of which is "full security mode”.

As Dave Hornby, UK systems engineer at Jamf, told Computerworld UK via email, this means "with full security mode selected any software loaded at boot up (for example the OS itself) needs an internet connection, and to be verified with Apple.

"That last point should set alarm bells ringing for organisations deploying Apple at scale using old fashioned provisioning methods like booting from external drives, or the network to pull down a monolithic “cloned" disk image," he added.

"By the very nature of these two methods, there is no verification with Apple for the integrity of the OS, that the T2 chip requires for the secure boot sequence."

In short this is just another reason why Apple recommends against monolithic imaging methods.

"The last thing organisations should be doing is trying to reverse engineer the process and continue with trying to achieve old imaging techniques," Hornby recommended.

"At the very least, if organisations cannot for whatever reason enrol into DEP, an MDM platform should be looked at for basic management tasks, like remote wiping, remote locking, and disk encryption configurations."

So, all in all these new laptops will certainly appeal to certain enterprise users, and IT teams running a modern MDM platform should have no problems deploying them.

For us, this makes the new MacBook Pro enterprise ready, but only for those organisations that are already on that MDM journey.

(Reporting by Scott Carey, Computerworld UK)


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Apple

Featured

Slideshows

Reseller News launches alumnae breakfast for Women in ICT Awards

Reseller News launches alumnae breakfast for Women in ICT Awards

Reseller News hosted the first alumnae breakfast for the Women in ICT Awards in New Zealand, designed to showcase the leading female leaders in the industry. Held at The Cordis in Auckland, attendees came together to hear inspiring keynotes and panel discussions, alongside high-level networking among peers.

Reseller News launches alumnae breakfast for Women in ICT Awards
Reseller News Innovation Awards 2018: meet the top performing partners

Reseller News Innovation Awards 2018: meet the top performing partners

Reseller News honoured the industry’s finest on a standout evening for the New Zealand channel, recognising the achievements of established partners, emerging players and innovative start-ups, in front of over 460 technology leaders in Auckland.

Reseller News Innovation Awards 2018: meet the top performing partners
Show Comments