New iOS Security Delay Feature: Implications for Microsoft Intune Enrollment
Introduction
Apple's continuous commitment to enhancing user security is evident in their latest iOS update, which introduces a new feature known as the Security Delay. This addition is part of the Stolen Device Protection suite, designed to deter unauthorized changes to critical device and Apple ID account operations.
This Blog post aims to inform and guide users through the new challenges posed by the iOS Security Delay feature. It also calls upon the expertise of the Intune Team and the broader community to collaborate on solutions that maintain both security and efficiency in device management.
Understanding the Security Delay Feature
The Security Delay feature is a significant step forward in securing devices against theft and unauthorized access. It requires a one-hour waiting period after a successful Face ID or Touch ID authentication before allowing changes to sensitive settings. This includes operations such as changing your Apple ID password, updating security settings, or modifying the device passcode.
Impact on Microsoft Intune Enrollment
The introduction of the Security Delay feature has created a new layer of complexity for users attempting to enroll their iOS devices into Microsoft Intune. The mandatory wait time can interfere with the enrollment process, particularly when setting up or modifying device management profiles that require Apple ID authentication.
Current Workarounds
To mitigate the impact of the Security Delay on Intune enrollment, users can:
Toggel Off ''Stolen Device Protection
Recommended by LinkedIn
After an hour passes
Go to the Settings app again
Further Recommended Mitigation
Calls to Action for the Intune Team and Community
The Microsoft Intune Team is encouraged to consider integrating support for the Security Delay feature into their roadmap. This could involve developing strategies to streamline the enrollment process despite the new security measures.
Moreover, there's an opportunity for the community to contribute by creating an XML Configuration profile that can toggle the Security Delay feature on or off from within Intune's management console. Such a profile would provide administrators with greater control over the enrollment process and device security settings.
Shady Khorshed is a Microsoft enthusiast. He loves writing on iOS/Android, MacOS, Windows 11, Windows 365 and related Microsoft Intune. He is here to share quick tips and tricks for all young professionals.
#MicrosoftIntune #MacOSDeviceManagement #TechSolutions #MobileSecurity #MicrosoftIntune #MobileDeviceManagement #DeviceEnrollment #TechInnovation #Apple #ios #android #decisiontree #microsoft #intune #COPE #COSU #COBO #BYOD #Appprotectionpolicy #Workprofile #devices #design #environment #Learning #MacOS
☑️ Delivery Lead | Agile Transformation Expert | Technical Program Manager 🚀 Driving Enterprise Software Success at Apple , HP, Deloitte & Fortune 50 Firms
7moNice work! I happened to notice that the first two screenshots are of significantly lower quality than the rest (and a bit difficult to read clearly on mobile (ironically). It might be useful to refresh these to be inline with the quality (and size) of the other screenshots.
Support Specialist III at Orrick, Herrington & Sutcliffe LLP
8moGreat job with this.
Web based enrolment is affected however Stolen Device Protection does not impact Apple’s Automated Device Enrollment (aka Device Enrollment Program).