“A looming set of changes to the macOS has some administrators worried that the way they manage and configure Apple systems might also need to be modified,” Shaun Nichols reports for The Register.
“Those changes, which have only been partly revealed by Apple, will see a new file system implemented in the OS and, in the process, a lockdown of key components of the OS – away from attackers and admins alike,” Nichols reports. “Central to the idea is the Apple File System (APFS), a technology Cupertino already uses for iOS that is currently being offered for tests in preview versions of macOS Sierra, with plans for a bootable release next year.”
“When the shift does happen, some admins believe Apple will also institute a number of the security policies and protections being used for iOS devices – such as isolating and protecting core system files – that were described loosely by Apple in its 2016 Black Hat security talk,” Nichols reports. “That move would likely include a shift in the way Apple devices are managed in the enterprise. Administrators would no longer be able to change basic system files – instead, permissions and policy would be instituted via the same Mobile Device Management (MDM) system used for managing iOS devices such as iPads and iPhones.”
Read more in the full article here.
MacDailyNews Take: APFS will be a boon for the Mac. We expect any Mac management system Apple deploys would be robust.
I have zero faith in Apple to care about or support the enterprise/education/professional environments.
The money is made with disposable mobil devices.
100,000 Macs (and growing) deployed within IBM says otherwise
Apple is turning the Mac into a throwaway toy, with HW and SW.
Anything that can be implemented in SW can be defeated by SW. A Fool’s errand.
There is a thriving Mac Admin community, full of great open source tools. You guys don’t know what you are talking about.. For instance, I think there are 7 guys that take care of the entire Google Macbook fleet (over 100,000 machines). They are in complete control.
https://github.com/google/macops
https://github.com/google/simian
Mac in the enterprise is not only thriving – its exceeding all client expectations for ease, cost and flexibility..
I alone manage 3000+ macs and it couldn’t be easier.. JAMF Casper is the tool of choice among Mac admins.
To all those who say, “Don’t worry. Mac administration is just fine.”, the issue is not how good or bad the situation is today. It’s about what may happen in a year or two.
The fear comes from what happened with servers. Many years ago, Mac OS X Server was very customizable and administrators had a lot of control over it. Today, “macOS Server” is much, much lest customizable and administrators have less control. The fear is that Apple will go the same route with general Mac administration: Lock everything down in the new macOS and give admins many fewer options to tailor Macs under their control to fit their specific needs and requirements.
I don’t know if that’s all bad. The IT folks where I work tailor the setup they provide me based on what they think I need, not what would actually work best for me. I’ve learned long ago not to ask for any changes, because the answer is always “No. We know best.”
“because the answer is always “No. We know best.”
My experience at GE says: No, We do not know best, but thats how we are doing it.
I don’t work there any more.
” the issue is not how good or bad the situation is today. It’s about what may happen in a year or two.”
Exactly
Mac user since 1988. Not so trusting anymore.
Trust but verify.
Will we be able to trust and will we be able to verify?
No self respecting Mac Admin uses OSX Server to manage their macs anymore.. They go to some other more robust solution.
This article is stupid.
Seems like those with lots of experience are perfectly happy with how they manage Macs in the enterprise. But there will always be folks willing to find fault with Apple’s way, even if they don’t have as much experience in the topic being discussed.