Hexnode’s CEO on Apple in the enterprise and the transformation of the workplace

Apple’s rapidly growing enterprise market share is generating an expansion in the support services ecosystem for the products. One company to recently enter the Apple device management space is Hexnode. I spent a little time with company founder and CEO Apu Pavithran to see this part of the world through his eyes.

What will the workplace of the future look like? 

As we work through the pandemic, we hear a lot about the new workplace. But no one yet knows what this will be. We know expectations have changed and employees have proved that remote work can be productive, though many managers are having problems making this transition.

How does Pavithran see the future of work?

Looking at it through the lens of device management, he points to the need for cloud-native device management systems. “We can safely say that almost every application will migrate to an entirely cloud-based or hybrid solution in the next few years,” he says.

This move away from on-premises systems to cloud-backed intelligence is likely to show up as increased spending on SAAS, which is certainly what Gartner, IDC, and others expect.

This is also going to generate challenges in terms of handling multi-cloud deployments, applying customer-led pressure on vendors to build solutions that play nice with others,” says Pavithran. “On top of easing the burden of IT administrators, application integration offers many other benefits. Organizations may establish integrations that update their infrastructures and enable agile business operations by combining and streamlining data and workflows between disparate software applications.

“New cybersecurity ideas like SASE result from the growing convergence between existing solutions.”

Hexnode’s boss also sees the new workplace as an intelligent workplace. “From medical to automotive to cybersecurity and E-commerce, AI has strongly impacted almost every industry,” he said, predicting this will continue and accelerate.

Apple is growing in the enterprise

Pavithran definitely sees growth in Apple and Mac market share. Windows was the de facto enterprise OS 10 years ago. Today, the resurgence of Apple means millions of Macs, iPhones, and iPads are in use across every industry. The feedback is that TCO spending falls, productivity increases, and employee loyalty grows when offering such choice.

“Apple played an essential role in turning the MDM industry into what it is today,” says Pavithran. “The device management APIs Apple introduced with iOS 4 in 2010 introduced many new capabilities…. For example, through Apple Device Manager or Apple School Manager, MDMs can onboard any organization-owned Apple device to their fleet. Even the new user enrollment capability was launched so that MDMs can better manage the devices in their arsenal.

“The capabilities Apple has released in supporting device management functionalities have allowed vendors like us to securely manage both personal and corporate-owned Apple devices. Hexnode has seen considerable growth in Apple in the enterprise.”

[Also read: How Apple improved enterprise deployments at WWDC]

The digital transformation of the workplace

Alongside the move to adopt different platforms and practices, the way work works is also changing.

Accelerated by the pandemic, this digital transformation means new challenges and opportunities to keep business leaders up at night.

“It is true that digitalizing the different processes, procedures, and operations of work will see significant benefits in the form of increased productivity, faster provisioning, reduced costs and so on. Unfortunately, the advent of new technologies and solutions requires changes in the traditional methods of operation. Employees, IT administrators, and managers will have to re-learn new techniques to keep up with it. Fortunately, improvisation is one of the greatest boons of our kin, and as new challenges emerge, so do new solutions.”

These include MDM APIs Apple provides, including its relatively recent user enrollment capability to help endpoint management solutions like unified endpoint management (UEM) or mobile device management (MDM) protect user privacy by separating personal and corporate data. 

“I don’t see hybrid work coming to an end any time soon. However, successfully maintaining a remote environment poses many difficulties in both device management and data security,” he says.

That’s why the MDM market is evolving so fast.

“UEMs are even a part of next-generation architecture like zero trust. One of the tenets of zero trust is that you don’t trust either the user or the device. In essence, people must verify that they are who they claim to be, and devices must verify that they are what they claim to be. UEMs are one class of solutions that allow admins this visibility into their remote devices while providing additional security.”

How MDM works with Apple devices

Apple uses Managed Apple IDs to authenticate user enrollment. Controlled and created by enterprise admins in Apple School Manager or Apple Business Manager, Managed Apple IDs are different from regular Apple IDs. They usually handle things like your email, may manage data storage and app provisioning, and will likely feed into endpoint security systems. It is now possible to host both a personal and a managed Apple ID on one device, using containerization.

Containerization means a person’s personal data existence is kept separate — you even get access to your personal iCloud storage — striking a balance between security and privacy for both company and employee.

UEM/MDM systems provide administrators with intricate visibility and management of every device, but this can affect user privacy if containerization is not in play.

The difference between Apple user enrollment and Android

On the outside, both Apple’s user enrollment and Android’s work profile aim to secure corporate resources while respecting employee privacy, says Pavithran.

“Implementation is similar, as both systems create separate virtual containers for work apps and data,” he explains.

However, on Android, the virtual container is visible in the user interface as a separate folder or a section of the app drawer, which means various versions of the same application may be operated with different accounts.

“Unfortunately, since Android only sets a framework for this feature, the scope and capabilities of Android’s work profile changes according to the device manufacturer.”

It works a little differently on Apple, he said, describing it as a “stealthier” approach.

The separate (enterprise) space exists in the backend and is not as visible.

That means that rather than creating parallel applications for personal use and work, “The same application can create a personal profile with a regular Apple ID and a work profile with a Managed Apple ID.”

Pavithran seems reasonably confident Apple will continue to extend the enterprise support it builds into its system. “As Apple makes its APIs more available to third-party vendors, the resulting synergy will surely help secure the enterprise workings of the future,” he said.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Copyright © 2022 IDG Communications, Inc.