An Enterprise Guide to iOS 11

Hi Everyone!

There’s always tons of “What’s new in iOS 11 and blah blah” but no one ever focuses on what people in the enterprise need to be successful. I wanted to take some time and highlight some of the key features that are coming in iOS 11 that matters. We might as well get into it!

App Switcher/Dock

On the iPad, they have introduced the Dock you know from the Mac, as you can see below which you can access on the home screen or inside of any application.


You can now use it to drag an application directly into the one you are already using to initiate Slide Over/Split View. If you recall, Slide Over is that whole 70-30 view whereas Split View gives you essentially a split screen with two apps that are fully usable.


The end result essentially looks like this, which you are familiar with today, such as you can see below which is showing Safari and Apple Notes. I should point out that this isn’t without its pain points. A few of the issues that you will run into:

  • You have to drag apps to the dock before you can use them in any of the multi-tasking features
  • If an app doesn’t support split view (and A LOT OF THEM DON’T), it is not that intuitive. It basically just doesn’t work. It makes you feel like its a bug, but it’s just a 🙁


Files App

This application has the potential to be a game changer for your iPad users. If you think about it holistically, you can replace many of the functions that a Macbook Air used to provide people with having a legitimate file system on the Mac now. There is a lot to cover on this application because it can be somewhat vague.

First, we have “Locations” which basically is how this app gets a lot of its usefulness. This let’s you add other cloud providers into Files, which we basically have no control over at all right?!

WRONG! A great move on Apple’s part but WILL create some challenges from a user experience perspective. When you have a MDM-managed cloud storage provider, they cannot be used in the Files App provided you are (AND YOU SHOULD BE) using the DLP restrictions aka Restrict Managed Docs in Unmanaged Destinations. So that basically kills the whole BYOD approach to cloud storage 😀 One thing you should be of aware here. If they decide to delete your MDM-managed DropBox and install the public one, it will still be MDM-managed unless you push deletion from your MDM console. That typically happens because the device check-in still sees it as managed because a check-in never happens after the removal by design (they are setup to check-in at different intervals).

You can also save files for Offline use, by clicking the little cloud icon we are so accustomed to. The application also provides a lot of the drag and drop functionality, but one of the challenges is that many of the cloud providers are not fully integrated into Files still. DropBox can open files, but you can’t do all that much with it. The only provider that I found thus far that has a full featured experience is Box. My testing at this point shows that Box supports drag and drop but not between iCloud Drive and Box.


The only real value I found with Drag and Drop in the Files App is dragging multiple files to be tagged.


New Screenshot Engine

The new workflow with Screenshots is absolutely amazing as someone who authors a ton of technical documentation.

First, you take your normal screenshot like we all do with Power button+ home button. You can see from my screenshot below, that it takes you to this editing pane where you can drop, highlight, and do basically whatever you want.


It’s pretty nice and dynamic which I love because it makes me not have to spend 5-10m messing around with SnagIT to do what I need to do


The best part is that when you are done, you get the option to either save it or trash it. My iCloud Drive quota thanks you iOS 11!


Screen Recording

This is another very useful feature. We have been trying to solve how to actually help users when we can’t see their screen. I know personally I’ve done some crazy stuff with Apple TVs, AirPlay, and other stuff to try to do screen shares and its a pain. They have now added the screen recording feature, which I find to be quite useful. To enable it, you:

  1. Go to Settings > Control Center
  2. Tap Customize Controls and enable Screen Recording

Now when you swipe up from the bottom of the screen on the home screen, you will see this neat new icon. You just have to do is tap that icon, and then its 3-2-1 ACTION! You basically go and perform various actions on the device to show people what you are trying to do.


Now, here’s why my blog is better than most of them. The thing that no one is really telling you is how to capture audio. So here I am, to tell you how! Press and hold on the icon and you can tap to enable the microphone audio


MDM Enhancements

I think it’s very important to cover the new MDM enhancements available in iOS 11 as that is what most of us administrators really care about. So let’s break that down!


AirPrint will now be able to specify Ports and you can force TLS. Additionally you can now perform a number of controls on supervised devices:

  • Disable AirPrint
  • Disable Keychain Storage for AirPrint
  • Require Trusted Cert Chain for TLS
  • Disable iBeacon discovery for AirPrint printers

DNS Proxy

I’m going to cover this in depth because most people don’t even know what it is. It went under the radar at WWDC, but the DNS Proxy is pretty cool. It is something you extend from the Network Extension framework. DNS Proxy which is part of your application, will allow the application to receive the system’s DNS queries and handle them in a customized way. You are able to send DNS to a recursive resolver over TLS or plain HTTP for additional security.

Apple has provided a DNS Proxy Payload that you can push to the device, which tells the device what application uses the DNS proxy, which DNS proxy to use (in the event that an app has multiple ones), and a configuration that you can deploy to your provider.

General Controls

We also have a few new general/restrictions controls that they are providing us now:

  • Disable the ability to remove system applications (Supervised)
  • Disable creation of manual VPN configurations (Supervised)
  • Minimum/Maximum TLS versions 1-1.3 for IKEv2 or WiFi for EAP-TLS.
  • There’s a rumor you will be able to configure the supported IP version for APNs but that hasn’t reached their Configuration Profile Reference Guides

Final Comments

I know that I could have been like everyone else and tell you about the new Apple App Store and iMessage and blah blah. My focus with this article is to give you what you really need and want. The fluff is irrelevant. It’s all about being productive in an enterprise. These little things make you more productive and provide a very intuitive user experience. I will probably add to this blog more, but I think this will be a great help to get you started.

Leave a Reply

Scroll to Top
%d bloggers like this: