Apple is standardizing device management around Declarative Device Management (DDM) with macOS 27 and iOS 27, migrating from legacy MDM configurations using ProfileAssetReference and enforcing TLS 1.2+ for device management services.

A new AppleCare remote log collection feature will allow diagnostic logs to be uploaded during support engagements to speed up issue resolution.

Safari improves consent for managed apps and sites through unified prompts and clearer explanations in permissions management.

Apple introduces IT-sellable features: IT can purchase and manage app subscriptions in Apple School Manager and Apple Business Manager, along with a managed migration feature to preserve enrollments and settings during data migrations.

IT admins are encouraged to consult the WWDC session on managing Apple devices and the updated Apple Platform Deployment guide for more details.

macOS 27 ends Intel support, with security updates continuing for three more years and Rosetta allowing Intel binaries to run; organizations reliant on Intel should plan upgrades.

New DDM capabilities include provisioning of VPN and network configurations, configuring Apple Intelligence tools, controlling web content filters, introducing a privacy key for device access, and a device health reporting feature to verify hardware authenticity, along with detection of Lockdown Mode status.

Enhanced identity features include mandatory biometric and password authentication on managed devices, an Authenticated Guest Mode with Platform SSO for quick shared Mac logins, and web-based authentication in Platform SSO on macOS 27, plus improved onboarding for Mac-to-Mac migrations and supervised device updates.

Platform SSO expands with web-based authentication, MFA, QR code logins, and streamlined onboarding for data migrations and Return to Service, including language/region settings and mandatory updates for supervised devices.

Apple emphasizes enterprise identity frameworks for human and non-human actors, highlighting agentic AI and on-device, context-aware models as part of Apple Intelligence.

OS updates disable legacy software update management in favor of declarative software update management, with granular control over on-device Apple Intelligence features.

The piece is an Apple @ Work feature sponsored by Mosyle, presenting their platform as a unified solution for deploying, managing, and protecting Apple devices at work.