Mac administrators seeing changes on the horizon, new plans could alter how Apple machines are managed

“A looming set of changes to the macOS has some administrators worried that the way they manage and configure Apple systems might also need to be modified,” Shaun Nichols reports for The Register.

“Those changes, which have only been partly revealed by Apple, will see a new file system implemented in the OS and, in the process, a lockdown of key components of the OS – away from attackers and admins alike,” Nichols reports. “Central to the idea is the Apple File System (APFS), a technology Cupertino already uses for iOS that is currently being offered for tests in preview versions of macOS Sierra, with plans for a bootable release next year.”

“When the shift does happen, some admins believe Apple will also institute a number of the security policies and protections being used for iOS devices – such as isolating and protecting core system files – that were described loosely by Apple in its 2016 Black Hat security talk,” Nichols reports. “That move would likely include a shift in the way Apple devices are managed in the enterprise. Administrators would no longer be able to change basic system files – instead, permissions and policy would be instituted via the same Mobile Device Management (MDM) system used for managing iOS devices such as iPads and iPhones.”

Read more in the full article here.

MacDailyNews Take: APFS will be a boon for the Mac. We expect any Mac management system Apple deploys would be robust.


  1. Mac in the enterprise is not only thriving – its exceeding all client expectations for ease, cost and flexibility..

    I alone manage 3000+ macs and it couldn’t be easier.. JAMF Casper is the tool of choice among Mac admins.

  2. To all those who say, “Don’t worry. Mac administration is just fine.”, the issue is not how good or bad the situation is today. It’s about what may happen in a year or two.

    The fear comes from what happened with servers. Many years ago, Mac OS X Server was very customizable and administrators had a lot of control over it. Today, “macOS Server” is much, much lest customizable and administrators have less control. The fear is that Apple will go the same route with general Mac administration: Lock everything down in the new macOS and give admins many fewer options to tailor Macs under their control to fit their specific needs and requirements.

    1. I don’t know if that’s all bad. The IT folks where I work tailor the setup they provide me based on what they think I need, not what would actually work best for me. I’ve learned long ago not to ask for any changes, because the answer is always “No. We know best.”

    2. ” the issue is not how good or bad the situation is today. It’s about what may happen in a year or two.”


      Mac user since 1988. Not so trusting anymore.

      Trust but verify.

      Will we be able to trust and will we be able to verify?

  3. Seems like those with lots of experience are perfectly happy with how they manage Macs in the enterprise. But there will always be folks willing to find fault with Apple’s way, even if they don’t have as much experience in the topic being discussed.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.