by Tom Kaneshige

What Does iOS 7 Bring to the BYOD Party?

Aug 26, 20136 mins

Apple's first rule about enterprise features: 'You don't talk about enterprise features.' While you may not hear it from Cupertino, BYOD features abound in iOS 7 and, according to AirWatch's Blake Brannon, they are 'as innovative as we've seen from Apple.'

Apple doesn’t promote enterprise features in its products, instead choosing to be seen as the consumer’s champion—but this doesn’t mean it doesn’t have any.

In fact, Apple’s upcoming mobile iOS 7, scheduled to be released to the general public this fall, is chock-full of great stuff for companies. The release will surely please the growing mass of BYOD employees who will be able to enjoy the native iPhone experience whether they’re using the phone for personal or business use.


“There is so much for the enterprise in this release, across lines of business, in education, healthcare and retail scenarios,” says Blake Brannon, senior product engineer at AirWatch, a mobile device management (MDM) vendor. “It’s as innovative as we’ve seen from Apple since the original MDM in iOS 4. It opens up ways of using these devices that previously were just not possible.”

Slideshow: 10 BYOD Worker Types

The reason for Brannon’s high praise for iOS 7 ranges from new technical features to enhancements to volume-purchasing policies. It’s also a strategic change from Android’s containerization model for serving the BYOD crowd, he says. sat down with Brannon to get his take on iOS 7 in the enterprise: What features are you most excited about?

Blake Brannon: On the BYOD front, there are things like per-app-VPN and “Open in” management, which helps you leverage native apps to get a native, user-rich experience [for your app], but gives you the BYOD kind of protection and privacy that you need to restrict and separate work from play.

It provides the industry with a new way of thinking about containerization and separation of work and personal data. In the past 12 months, the industry has been shifting towards containerization. But iOS 7 is a different perspective that gives what the enterprise wants, in terms of protection of data, and what the employee wants, which is the native experience.

The streamline enrollment process changes the out-of-box experience for setting up and managing these devices. It allows you to not have to build processes around staging and provisioning these devices, because you can really push it out to the end users to do themselves. Resetting the device to reuse it is as simple as issuing a wipe command from the Airwatch MDM tool.

In addition, the volume-purchase program changes how licensing works for mobile apps. Companies have been struggling for the past few years with the model that’s been in place, because of tax reasons, legal reasons, buying in different countries. What are those changes?

Brannon: It’s basically around the ability to issue application licenses to the devices and for the company to continue to own those.

The model in the past has been pushing apps to a user’s device, in conjunction with pushing that license to the employee—and the employee kept and retained that license. If the employee left the organization as part of the BYOD, they would keep that software, which brought forth tax implications, in terms of gifting software to people and things like that. It was just a little bit of a nightmare.

Blake Brannon, senior product engineer at AirWatch

The new model allows the company to retain ownership of that license and to remove it from the employee’s personal phone when they leave the organization. Any BYOD features in iOS 7 flying under the radar?

Brannon: There’s a ton around what Apple calls “supervised devices.” There are several advanced features that allow you to have more robust control over devices. These primarily work more for corporate-owned devices than BYOD.

I am under [non-disclosure agreement], so I’m trying to be cautious about what information is public and what is not. A new feature is setting up things like printers or airplane destinations for the device. So, for example, you can lock down a device so that it mirrors to a certain Apple TV in a retail store or a student in a classroom. It allows you to deploy those devices, but still have the control to prevent tampering or use outside of the role they’re intended to be used for. Is there anything missing in iOS 7?

Brannon: There are always features on the [wish list]. The one that sometimes comes up is around operating system control. In the grand scheme of things, it’s not really a feature you’re going to use, especially in BYOD. But being able to prevent or enforce the OS version sometimes is a scenario for line-of-business devices. That’s not necessarily something we saw in iOS 7. Does iOS 7 reduce Airwatch’s value proposition?

Brannon: I get this question a lot. Absolutely not. [What] Apple builds around these features are really APIs that are dependent upon MDM to enable. Just because they create an API that allows you to control “open with” doesn’t mean that the feature is turned on without a management tool. If anything, all of these new features grow our business and expand our market scope, in terms of the ability to manage different devices for different scenarios. Is iOS 7 way ahead of the game, in comparison to Android?

Brannon: iOS 7 allows you to do BYOD in more of a native experience on the device, whereas the Android path is built around doing BYOD in a containerized way.

There are absolutely manufacturer-specific APIs that allow you to do native mail client, native policies on select manufactured Samsung HTC, Motorola-type devices. But as a whole on the Android front, you’re seeing a little more adoption around BYOD containerization.

It’s a philosophical divide in some scenarios. In some cases, people want [containerization] because it feels more separate, more isolated. Other people feel it’s hindering and makes them less productive. They’d rather see work and personal calendars and contacts integrated.

Slideshow: 12 BYOD Disaster Scenarios

On the technology side, the Android operating system doesn’t have an MDM engine and containerization logic built into the OS the way that iOS does. Vendors like Airwatch have been able to build MDM logic and containerization through application-level configurations and specific APIs to the operating system that they’ve gotten from specific manufacturers.

Tom Kaneshige covers Apple, BYOD and Consumerization of IT for Follow Tom on Twitter @kaneshige. Follow everything from on Twitter @CIOonline, Facebook, Google + and LinkedIn. Email Tom at