Jamf Blog
School iPads managed by Jamf School are stacked on a tabletop.
September 16, 2022 by Laurie Mona

OS 16: How the latest Apple upgrade impacts Education

Check out how Apple’s newest operating system upgrade will impact users in the Education sector.

It’s that time of year again – OS upgrade season, when IT admins look to Apple to release the details of their operating system updates. Since the 'Far Out' event announcing the release of a new range of iPhones and Apple Watches we have also had iOS 16, and soon iPadOS 16, released.

If you manage Apple technology for K-12 or Higher Ed, read on for the significant updates and features of OS 16 that will impact your school’s device management and security solutions.

Managed Device Attestation

Before the days of remote teaching and learning, device security was based on physical location, meaning that to access resources or services, users had to be on-site at their school or university or use VPN. But with cloud services providing resources outside the perimeter of the school or campus, threats can start from outside the building or educational institute.

With OS 16 comes Managed Device Attestation, a new security feature for iPad and iPhone to provide assurances that the device requesting access is the device it claims to be. This makes sure that only genuine devices are able to connect to an organization's server and access resources, by ensuring the iOS/iPadOS identifier (UDID and Serial Number) is authentic and hasn’t been altered or misled by an attacker.

Declarative device management

One of the most prominent Mobile Device Management (MDM) features Apple announced during WWDC was the move to ‘declarative’ management.

Previously, the communication between the iPad and the MDM server was much like a standard conversation. The MDM server contacts the iPad, the iPad responds, the MDM server sends the instruction, the iPad confirms once it has completed. The process can then begin on the next device. This cycle goes on for every install, with the settings change of instruction sent to the device. What declarative management allows is for devices to be autonomous and proactive, not reactive.

For example, if you want to install an app, configure a settings change and have the device update its inventory, this instruction can now be sent as a single declaration for the device to complete, which reduces the amount of back-and-forth communication with the MDM server.

This new functionality, reintroduced at WWDC 2022, will initially support iOS and iPadOS devices enrolled through user enrollment.

Sign in with Apple at School

While Sign in with Apple makes it easy for users to sign into apps and websites using their Apple ID, Sign in with Apple at School adds support for Managed Apple IDs, helping teachers and students sign in with their Managed Apple IDs to access apps and websites that support Sign in with Apple.

With this update, Administrators, Site Managers (Apple School Manager only) and People Managers can control which apps can use Sign in with Apple.

Passkeys

The next evolution of online user authentication is Passkeys. When students or teachers go to a website on their iPad running iOS16 or Mac on ‌macOS Ventura‌ that supports Passkeys, instead of being prompted to enter a password, the user will be asked to authenticate with Touch ID or Face ID.

This update will improve both access and security for younger learners who may struggle to remember passwords, and enable easier accessibility for ASN students. It will also help simplify 1:1 device deployment.

Passkeys is a great technology, particularly for consumers who might not currently use a password manager. But when it comes to organizational use, there is always a need for layers of defense. Beyond Passkeys, schools should be layering on critical device and patch management tools, endpoint security, and web filtering technologies that work together to protect the user from a variety of threats.

Rapid Security Response

Rapid Security Responses don’t adhere to the managed software update delay, enabling admins to make sure devices are secure from malicious threats without having to update the entire OS and risk breaking of apps or hinder teaching and learning workflows.

Security fixes can be shipped to users more frequently with this new mechanism in iOS 16, and soon, iPadOS 16 and macOS 13.

Shared iPad management updates

Default domains: Administrators will be able to include default domains (for example, townshipschools.org) to simplify signing in to Shared iPad. After entering the username into Managed Apple ID, users select their account’s domain from a list in the QuickType keyboard.

Remote authentication: In iPadOS 16, Shared iPad will default to using the local passcode for existing users on the device, requiring no network connection.

Apple configurator updates

In late 2021, Apple introduced Apple Configurator for iPhone, which allows admins to manually add Apple School Manager.

With iOS 16 and iPadOS 16, Apple Configurator for iPhone can now add other iPhones and iPads to Apple Business Manager. This avoids the requirement to connect the iOS device to a Mac in order to use Apple Configurator to add a device to Apple School Manager.

Accessibility

In iOS/iPadOS 16, Apple is allowing MDM to automatically enable and configure a handful of the most common accessibility features, including:

  • TextSize
  • VoiceOverEnabled
  • ZoomEnabled
  • TouchAccomodationEnabled
  • BoldTextEnabled
  • ReduceMotionEnabled
  • IncreaseContrastEnabled
  • ReduceTransparencyEnabled

This will be especially helpful for special education areas or situations where devices may be shared among (but not restricted to) users with special needs, and also allow admins to set accessibility features for students and teachers to personalize devices as needed to improve individual learning.

Same day compatibility and support from Jamf

While these upgrades offer significant improvements for the user experience, for admins the challenge is to make the transition to the new OS as seamless as possible.

The key: ensuring that your applications and software vendors are offering you a compatible solution. Fortunately for Jamf customers, Jamf prides itself on always being same-day compliant so that users and entire organizations can get their hands on the latest operating systems and security features, the moment Apple releases them.

Read more about why same-day support is crucial.

Read more about the iOS 16 updates.

Whether you are brand new to OS upgrades or a veteran looking for a quick refresher, this simplified iPadOS and iOS Upgrade workflow with Jamf School can help.

Simplify your upgrading process

Photo of Laurie Mona
Laurie Mona
Jamf
Copywriter and storyteller.
Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.