IBM Security MaaS360

 View Only

Simplifying iOS Updates with Declarative OS Enforcement

By Anuradha Singh posted 21 days ago

  

Introduction:

In today's world, where we rely heavily on our iPhones, keeping them secure is a top priority. Luckily, Apple takes our data protection seriously, and IBM's MaaS360 makes managing our iPhones a breeze. It ensures they get the updates and security patches they need to stay safe and up-to-date. With MaaS360, handling these tasks is easy, giving us peace of mind knowing our iPhones are protected from potential threats. It's comforting to know that both Apple and IBM are working hard to keep our digital lives secure, allowing us to use our iPhones without worry, whether for work or fun.

Understanding the Importance of iOS Updates:

Before we dive into the specifics of how to use MaaS360 for iOS device management, let's first understand why keeping your iPhones updated is crucial. iOS updates not only bring new features and enhancements but also address security vulnerabilities and bugs. By regularly updating your devices, you ensure they are equipped with the latest security patches, protecting them from potential threats and exploits. Additionally, staying up-to-date with iOS versions ensures compatibility with the latest apps and services, enhancing productivity and user experience.

Advantages of Using MaaS360 for iOS Device Management:

MaaS360 makes updating your iOS devices easy and secure:

  1. Customised Updates: You can choose which iOS version or security patch you want to deploy, tailored to your organization's needs.

  2. Efficient Deployment: Update multiple devices at once, saving time and effort. Whether it's one device or a whole group, MaaS360 streamlines the process.

  3. Enhanced Security: Keep your devices safe with the latest software versions and security patches. MaaS360 helps you stay ahead of potential threats, protecting your sensitive data.

Deploying iOS Updates with MaaS360:

Now that we've covered the importance of iOS updates and the advantages of using MaaS360, let's walk through the process of deploying updates to iOS devices using MaaS360:

  1. Log in to the MaaS360 Portal.
  2. Navigate to Device Management.
  3. Choose whether to update individual devices or groups.
  4. For individual updates, go to Devices > Inventory, select the device, and click More > Push iOS Update.
  5. For multiple devices, go to Devices > Groups, select the group, and click Push iOS Update.
  6. Choose the deployment option: Download and Install, Download only, or Install earlier downloaded updates immediately.
  7. Select the iOS version you want to update to.
  8. Initiate the update process by clicking "Push iOS Update."
  9. Customise update settings based on your preferences.
  10. Confirm the update deployment.


    OS Update Dashboard

    The OS update dashboard provides a comprehensive overview of update status and history, facilitating effective management of device updates. Here's a breakdown of its features:

    1. Accessing Update History:

      • Navigate to Devices > Groups to access the update history for multiple devices.
      • Select the desired group and click on "OS Update History" to view detailed information.

    2. Group Update Details:

      • Upon accessing the OS Update History, detailed information about the group of devices is displayed.
      • Information includes:
        • Action Name: Indicates the type of update action performed.
        • Execution Date: Specifies when the update action was performed on the device group.
        • Status: Indicates the current status of the update (e.g., Failed, In Progress, Success).
        • Progress Status: Provides detailed progress information, including the count of devices and colour-coded indicators for different statuses.
        • User/Account: Identifies the user or account responsible for performing the update.

    3. Detailed Update Window:

      • Clicking on the Action name "OS Update Push" opens a detailed window.
      • This window provides further insights into individual devices, including:
        • Device Name: Identifies the device undergoing the update.
        • Status: Specifies the current status of the update for the device.
        • Last Updated: Indicates the timestamp of the last update.
        • Device OS Version: Displays the current operating system version installed on the device.
        • Model: Specifies the device model.
        • User: Identifies the user associated with the device.
        • Actions: Provides options for additional actions or troubleshooting steps.

    4. Status Overview:

      • The dashboard offers a summarised view of update statuses, including the number of devices in each category (Failed, In Progress, Success).
      • Clicking on any status category provides further detailed information regarding the devices within that category.

    Overall, the OS update dashboard streamlines update management by providing detailed insights into update statuses, enabling administrators to track progress, identify issues, and ensure timely and efficient updates for all devices.

    Understanding Update Statuses:

    To monitor the update deployment effectively, it's crucial to understand the various update statuses. Here's a simplified breakdown:

    1. Download in Progress: The update, is currently downloading to the device.
    2. Download Complete, Installation Started: The update has finished downloading, and installation has begun.
    3. Installation in Progress: The device is currently installing the update.
    4. Download Complete: The update, has been successfully downloaded to the device.
    5. Not Applicable: This status may appear if the update isn't compatible with the device or if it's already running a newer version.

    Installing iOS updates on the device:

    • Automatic Download: MaaS360 sends iOS update command, triggering automatic retrieval of software update, eliminating manual steps.
    • User Prompt for Installation: Upon download completion, users receive prompt for installation, with options for immediate or deferred installation, offering flexibility.
    • Passcode Authentication: Devices with passcodes require user authentication before installation, enhancing security by ensuring only authorised users can initiate installations.

    iOS device prompt later or install now

    Simplifying iOS Updates with Declarative OS Enforcement

    Updating your iOS device should be a breeze, and with declarative device management (DDM), it is. DDM takes the complexity out of the update process by allowing you to send just one simple instruction to your device. Once activated, your device handles everything from downloading the update to installing it, all on its own.

    What's great about DDM is that it keeps you in the loop every step of the way. As your device progresses through the update process, it sends you real-time updates on its status. This means you'll always know exactly what's happening with your device without having to lift a finger.

    Understanding Declarative OS Enforcement

    With the shift to Declarative Device Management, as devices within a group upgrade to iOS and iPadOS versions equal to or greater than 17.0, enforcing iOS version will become a simpler and preferred action.       

    • OS Enforcement applies to all supervised devices with iOS versions equal to or greater than iOS 17.
    • It extends its reach to both individual devices and groups of devices.
    • When enforced on a group, devices with iOS versions 17 and above will comply, while those below iOS 17 remain unaffected.
    • No action will be taken if the enforced iOS version is lower than the device's current OS.
    • Successful enforcement also depends on factors such as device network capability, storage availability, and battery level (>20%).

    Selecting Enforce OS version

    Select OS version- Users can choose from any of the available OS versions in the dropdown menu. The latest version is also included as an option.

    Enforcement date and time- Specify the exact date and time for when the installation should begin on the device.

    Organization help URL- Users can enter any help URL. If provided, this URL will be displayed on the device's software update page, as shown in the screenshot below.

    Once an OS enforce action is pushed to a device or group of devices with the selected OS version, date, and time, the statuses can be monitored as follows:

    1. Hardware and OS

      • Click on the Device view.
      • Select Hardware & OS.
      • Check the status under OS Update Status, which indicates whether the OS is being downloaded or installed.

    2. History Tab

      • View the Status and Details for a detailed description, as shown in the screenshot below.

    3. OS Update Dashboard

      • View the list of devices in the group.
      • Check the current version, the enforced version, and the status trail.
      • The status trail shows the progress of the action: Initiated, Download, Install, and Complete.

    4. Device Profile Configuration

      • View the pushed OS version and details, including the enforced date and time.

    5. Device Software Updates

      • Monitor the update status. The screenshot below displays an example where the status is "Downloading".

    Selecting Legacy

    Upon selecting the "Push iOS update (Legacy)", the flow then goes to the legacy which is discussed above.

    Conclusion:

    In conclusion, MaaS360 provides a seamless solution for iOS device management, enabling organizations to effortlessly deploy software updates and security patches. Leveraging MaaS360 ensures iPhones remain secure, up-to-date, and equipped with the latest features. Whether updating individual devices or groups, MaaS360 streamlines the deployment process, saving time and effort while enhancing overall security. With MaaS360, managing iOS updates becomes simpler than ever, empowering organizations to maintain a robust security posture effortlessly.

    0 comments
    22 views

    Permalink