Privacy and Apple: What’s New in 2024
When Apple introduces new operating systems, privacy is at the forefront. What’s coming to Apple’s newest operating systems like macOS Sequoia, iOS 18 and iPadOS 18, continue to improve Apple’s stance on privacy. For organizations managing and securing Apple at work, privacy is not only paramount for your users, but also for your organizational data.
It’s no secret that Apple users are drawn to the industrial aesthetic of Apple’s hardware paired with efficient, simple-to-use software that brings style and substance to almost any computing task. A cornerstone of their design ethos includes privacy and security, which Apple incorporates as a foundational element of all their products.
“At Apple, we believe that privacy is a fundamental human right.” – Apple
This belief is captured in Apple’s four Privacy Pillars. In short, they’ve “simplified engineering privacy into a series of principles” that guide developers on how to design products with privacy in mind.
Privacy Pillars
1. Data Minimization
Requesting and using only the data necessary.
2. On-Device Processing
Data is processed on the device – not sent to a server.
3. Transparency and Control
Users are provided clear understanding and control over how their data is being used.
4. Security Protections
Controls that enforce data privacy across the Apple platform.
Apple and Privacy in everyday use
At its core, Apple’s privacy stance was developed to give users ultimate control of their data. Specifically, it empowers users with the ability to decide:
- What is collected
- Where it is processed
- How it is used
Enforcing user’s choices at the hardware and software levels respectively to ensure user privacy remains, well, private. A real-world example of this in action are the Location Sharing controls available when using a web browser. For example, you’re visiting a website to make dinner reservations. The browser may ask you to share your location to find the nearest restaurant to your current position, prompting the user to choose one of the following:
- Allow once
- Allow while using app
- Don’t allow
Based on the Privacy Pillars, the user’s choice to allow or deny access to their physical location. If choosing to allow, permission may be granted temporarily, only for that session or permanently, based on the user’s privacy appetite. Furthermore, granular controls allow the user to choose to share their precise location, based on exact GPS coordinates, or instead share a more approximate location. Sharing your approximate location may be sufficient for the restaurant’s reservation app while sharing your specific location would be better for the ride-sharing service booked that will take you to the restaurant.
What’s new in privacy for macOS 15 and iOS/iPadOS 18
With every new operating system release, Apple continues to build upon its commitment to privacy and security. With this year’s release of macOS 15, iOS 18 and iPadOS 18, Apple once again delivers on this promise, designing remarkable privacy protections for new technologies and upgrading existing ones, like:
Apple Intelligence
Apple Intelligence is a privacy-centric, personal intelligence system built with generative models at the core of iPhone, iPad and Mac. Due to the tight-knit integration between first-party hardware and software, Apple Intelligence uses on-device processing, which does not collect user data, by default.
When a user engages Private Cloud Compute (PCC) to process a more complex request, data that is relevant to the task is encrypted and transmitted securely to the PCC infrastructure, designed and maintained by Apple – using only Apple-designed hardware. Private Cloud Compute servers provide added cloud security since they are powered by Apple Silicon, utilize the Secure Enclave and Secure Boot to ensure Stateless Computing, or that data remains private and secure end to end without leaving behind a trace after results are delivered:
- From the initial request made on your personal Apple device
- To data processing performed solely by validated PCC nodes
- Guaranteeing secure delivery of results, decrypted only by the requesting device
The ability to lock, prevents launching a protected app unless the user authenticates with biometrics or a passcode. Taking data security and user privacy a step further, protected apps also prevent access to the data contained within the application from being visible, for example, within notification previews, system searches of Siri. Additionally, the ability to hide an app is also available. Similar to locking the app, hiding removes it from view on the Home Screen, instead placing it inside the Hidden Folder in the App Library, though still requiring authentication via biometrics or passcode to unhide.
Passwords app
A centralized, secure location for managing passwords across the Apple ecosystem is what the Passwords app is all about. In order to extend better security hygiene, Apple-designed Passwords is not just an easy way to keep track of credentials or passkeys to websites and apps you use frequently but also helps up password security in several ways that are beneficial to users. Such as:
- Credentials are stored encrypted within Passwords, requiring users to authenticate via biometrics or passcode to unlock them
- The password manager functionality generates passwords that meet complexity requirements so they aren’t easily guessed
- iCloud-based support means credentials are synchronized across all your Apple devices and offers cross-platform availability for Windows computers
- Linking websites to credential entries means Passwords auto-fills your login info to the correct website every time – say goodbye to mistyped URLs
Control access to your Contacts
A new security protection that limits an application’s access to your contacts. Granular access means that users can define whether an app requesting access to their contacts receives either Full Access (all contacts), Limited Access (only the contacts you explicitly select are accessible) or None (no access to any contacts).
The degree of access over which apps can interact with your contacts places control over privacy data in the hands of the user, not unlike the granular access permissions that were updated during a previous OS update allowing users to choose which pictures an app had access to, instead of having full access to your Camera Roll or no access to any photos.
To learn more about the new privacy protections coming to Apple products and services, read our blog here.
How Jamf helps
Jamf stays in lockstep with Apple in how we design our products and services.
We help by:
- Providing organizations a way to test the latest Apple features with iOS and iPadOS 18.1 and macOS 15.1 betas
- Jamf Pro 11.9 supports all current and beta MDM restrictions
- Allowing Jamf products to remain compatible with operating systems the day they are released
The first set of Apple Intelligence features will be available next month for iOS 18.1, iPadOS 18.1 and macOS Sequoia 15.1. At that time, we intend to make support available for managing Apple Intelligence features on managed devices based on the documentation Apple has shared.
Take Apple Intelligence for example, the first set of Apple Intelligence features will be available next month (with even more coming later this year). However, organizations can test Apple Intelligence beta features with Jamf Pro 11.9, supporting beta MDM restrictions to allow or disallow Apple Intelligence features like Genmoji, Image Playground, Image Wand and Writing Tools.
Privacy by Design
At Jamf, we also share Apple’s philosophy of designing products and services that protect user privacy. After all, how can something be secure if it’s not private? And, if it’s not secure, then it won’t be private (at least, not for long).
Just as Apple introduced new ways for organizations to protect user privacy while improving organizational security in their newest operating systems, the newest version of Jamf solutions provides full support for Apple’s management frameworks. This not only allows organizations to test publicly released and beta updates for compatibility with their infrastructure but also helps them prepare deployment workflows so they can upgrade on their timetable – not ours!
Apple designs hardware and software with data security and privacy in mind…
Jamf empowers organizations to keep them that way. Experience the Jamf difference for yourself.