Apple’s annual Worldwide Developer Conference (WWDC) is where the new operating systems for Mac, iPhone, iPad, Apple TV and Apple Watch are announced. The Keynote highlights the new features for the consumer, while sessions through the week provide more details for developers about the new features and how they can implement them in their apps. There is also a small enterprise track, where we learn about new the possibilities and challenges of managing Apple devices.

WWDC21 took place last week, once again virtually. All the sessions are recorded in advance, and can be watched at https://developer.apple.com/wwdc21/ or through the Developer app for macOS and iOS.

Highlights for users


Responding to changes in how we communicate during the pandemic, Apple have added new modes to their video chat service, FaceTime, to bring it closer to the functionality of videoconferencing apps such as Zoom and Teams. It is now available across all platforms via the web, so is not just confined to Apple device users. FaceTime also now offers the ability to remotely share a viewing experience, such as synchronised movie watching or listening to music.

OCR everything

The new Live Text feature in iOS 15 brings text recognition to the camera and your existing photos. Telephone numbers and email addresses are recognised, allowing instant phone calls or emails just by pointing the camera at a sign.

The feature also recognises handwriting, so that you can digitise your handwritten notes. Searching for text will also find any photos that have recognisable text in them that matches the search. It can also be used to translate text directly from photos or the camera.


Temporary iCloud storage for data transfer

The easiest way to migrate to a new iPhone is via iCloud backup, but unless you pay for additional storage, the free 5GB storage is unlikely to provide enough room. Now, Apple will provide unlimited temporary storage for you to perform the migration to a new device.


Find My works on erased devices

Apple’s “Find My” service can locate your lost Apple devices. The recently released AirTags also allow you to locate any item which has the AirTag attached to it. Location is obtained through proximity to any Apple device in the world.

Now, even if your lost or stolen devices have been erased or are turned off, they can be located. If you lock a device via Activation Lock after being lost or stolen, even after erasing and reinstalling the OS, the welcome screen will clearly indicate that the device is locked and owned by someone else.


Health data sharing with family

It will now be possible to share health data with family, doctor and care workers. New features in Apple Watch which can detect falls and fall risk and analyse health trends over time could help families care for their elderly relatives.


Use iPads and Macs as additional displays

Apple have improved on the “Sidecar” feature which allows you to use an iPad as an external display for a Mac, allowing the iPad to be seamlessly connected when it is nearby. It also allows you to use your Mac’s keyboard and trackpad to control the iPad.


Additionally, it is now possible to wirelessly use any recent Mac as an external monitor, replacing an old feature called Target Display Mode that was previously confined to specific models of iMac.


Shortcuts app for Mac

Mac users may be familiar with the Automator app, which has for years allowed you to create workflows with zero or minimum scripting. The Shortcuts app for iOS provided possibilities to create multi-event workflows in a similar way, and Shortcuts is now being released for Mac, designed to eventually replace Automator. Shortcuts for Mac will include the ability to add AppleScript or shell scripts to the workflow.

As Shortcuts will be able to be shared as files, this could offer opportunities for IT administrators to provide useful one-click workflows for users.


Passwords in System Preferences, built in two-factor authenticator

Apple is looking to provide a built-in password manager by moving the Safari passwords into System Preferences. Unlockable via Touch ID, it makes it easy to use to store secrets for apps as well as websites.


In addition, if a website offers two-factor authentication, verification codes can be set up without needing an additional app such as Google Authenticator or Authy. Once set up, verification codes are autofilled when accessing the site.


Changes for administrators

Hardware compatibility

These Mac models remain compatible with macOS Monterey:

  • MacBook models from 2016 or later
  • MacBook Air models from 2015 or later
  • MacBook Pro models from 2015 or later
  • Mac mini models from autumn 2014 or later
  • iMac models from autumn 2015 or later
  • iMac Pro (all models)
  • Mac Pro models from 2013 or later

The following Mac models were compatible with macOS Big Sur, but are not compatible with macOS Monterey:

  • 2014 iMac
  • 2013/2014 MacBook Air
  • 2013/2014 MacBook Pro
  • 2015 MacBook

iOS 15 and iPadOS 15 have the same hardware requirements as iOS 14 and iPadOS 14.

Improvements to Software Updates on Mac

New with macOS Big Sur 11.4, we can use MDM configuration profiles to defer major upgrades to macOS for a different period of time as minor updates. This means we can hide macOS Monterey for up to 90 days while allowing security fixes to macOS Big Sur to be made available.

New in macOS Monterey, we will be able to enforce software updates, by setting a maximum number of deferrals that a user can use before updates will be forced. This will be done via an MDM command rather than a configuration profile, so at ETH Zürich we will need Jamf to provide us with a solution to use this new feature.

Erase all Contents and Settings on Mac

macOS Monterey brings a new option for a user to Erase all Contents and Settings on their Mac, directly from the System Preferences menu.

This wipes all user data, applications and settings, without having to reinstall the OS, just like we can already do on iPhones and iPads. This will greatly simplify and speed up device re-provisioning. It has been stated that we will be able to block this setting via configuration profile, as well es use an MDM command to remotely erase and re-provision the Mac from the Jamf console.

Add any recent Mac to Apple School Manager

Automated Device Enrollment provides a quick and simple mechanism for rapidly bootstrapping new Mac computers. Until now, to use this we relied on vendors to assign devices to Apple School Manager. Now we will be able to add new Mac computers that were not purchased through an authorised reseller into Apple School Manager, with the use of a new iPhone app called “Apple Configurator for iPhone”. Departmental administrators should be able to perform this themselves, and then contact Client Delivery to move the device into their Jamf instance.

Note that this only works on Mac computers with a T2 or M1 chip, so older Macs cannot be enrolled this way.

Python 2 deprecation

Python 2 has been deprecated since January 2020, but is still installed by default on macOS. In macOS Monterey, any script or app that attempts to launch python2 will trigger a warning message, and the python command or process will not proceed until the OK button is clicked. Any administrators that have developed their own scripts will need to be aware of this as it could prevent their scripts from running, especially if they are run remotely or on a schedule. We will try to ensure that any remaining scripts that Client Delivery use through Jamf Pro will be removed or converted to shell, well before the public release of macOS Monterey.

Declarative Device Management

One of the biggest enterprise changes announced is a new form of mobile device management (MDM). Apple’s current MDM schema requires constant polling of the MDM server from clients to check for newly issued commands and preferences, and provides no feedback as to whether commands were successfully issued and acted upon. Declarative Device Management moves a lot of the work onto the client, allowing less polling and providing the ability for a client to react to a change in state without prompting from the MDM server. It will move Apple’s MDM more into line with configuration management tools such as Puppet and Ansible.

This is a big change that will take years to become fully featured. At first, it is only being made available on iOS devices enrolled to an MDM server via User Enrollment, a form of enrollment designed for BYOD devices which we cannot yet use at ETH Zürich. However, it will eventually offer possibilities to control Apple devices in a more predictable and reliable way.

Text and Impressions

Graham Pugh, ETH Zürich, IT Services Client Delivery – Apple@ETH, Community Head – Systems and Workplace Management

Posted on
in News Tags: ,,

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.