At WWDC25, Apple announced a set of updates to simplify IT management for enterprises. These updates, spread across macOS 26, iOS 26, iPadOS 26, tvOS 26 and visionOS 26, introduce practical tools to improve device, application and user management.

This article outlines the specific capabilities and how they can be applied effectively in enterprise environments.

Enhanced Apple Business Manager for flexible device management

Apple Business Manager (ABM) improvements in iOS 26, iPadOS 26 and macOS 26 bring enhanced flexibility to enterprise IT operations. Being able to migrate devices between Mobile Device Management (MDM) solutions means that businesses can react to evolving technological requirements or vendor changes without needing to reconfigure devices manually. For example, an organization switching to one of Ivanti’s on-premises solutions to Ivanti Neurons for MDM can retain operational continuity by utilizing the new ABM Device Migration APIs while aligning configurations with the latest policies.

Administrators can now enforce enrollment deadlines for Managed Apple Accounts, helping enterprises integrate new devices into their IT systems on schedule. This feature is particularly helpful for compliance with internal policies or regulatory requirements, ensuring devices are accounted for during deployments.

Enhanced onboarding processes with Account Driven Enrollments, supported by the Service Discovery API, simplify enrollment by enabling preconfigured settings to guide users through setup. This reduces time spent onboarding large numbers of employees or devices.

Organizations can also bolster account security with stricter access controls. By allowing only Managed Apple Accounts during device setup and login, enterprises can prevent personal accounts from compromising company data or workflows. Additionally, including warranty and AppleCare coverage details lets enterprises plan for the entire lifecycle of their devices, optimizing replacement or support strategies to maintain productivity while minimizing downtime.

Modernized app management with Declarative Device Management

Declarative Device Management (DDM) updates provide better tools for managing app lifecycles in enterprise environments. Administrators get granular control over app installations and updates, so you can enforce mandatory upgrades for security-critical applications or postpone non-essential updates to avoid disruptions during critical operations. Similarly, the ability to pin apps to specific versions can stabilize environments where software dependencies are tightly coupled.

Real-time reporting of app installation and update statuses offers IT teams actionable insights into compliance and troubleshooting. For instance, administrators managing thousands of devices can track which apps are outdated or whether installation errors occurred, resolving issues without delays. Furthermore, organizations managing extensive mobile fleets can restrict app downloads over cellular data to conserve bandwidth and ensure adherence to security policies, useful in industries with strict data regulations or cost-control measures.

Updates to macOS 26 let enterprises scale their device operations more effectively. Declarative Application Management lets administrators deploy apps — whether they are from the App Store or custom-built solutions — across thousands of devices simultaneously, streamlining rollouts during enterprise deployments or product launches. The ability to deploy .pkg files caters to organizations relying on proprietary software or specific configurations.

VisionOS 26 also supports deploying managed applications via DDM.

Improved Safari configuration for efficiency and compliance

Safari updates bring practical configuration tools that enterprises can use to align browser settings with organizational needs. Administrators can now preconfigure bookmarks to direct employees to relevant software tools, company websites or knowledge bases upon login, reducing onboarding times and improving workforce efficiency. You can set landing pages to match company branding and guarantee employees start their browsing sessions on compliant and secure portals, which is especially useful for maintaining organizational policies.

Better audio accessory management for shared device scenarios

For shared device deployments, such as in healthcare, education or retail, Apple’s enhanced audio pairing management introduces useful controls to maintain security while enabling flexibility. Administrators can allow temporary audio accessory pairing without data syncing to iCloud, ensuring that employee or customer data is not inadvertently retained on shared devices. For added security, pairing data can be erased automatically based on predefined schedules, such as each night.

These controls are critical for shared environments where sensitive data protection and operational continuity are key. For example, hospitals using shared iPads for patient intake can ensure that data is cleared between users while still enabling seamless accessory use for each individual session.

Platform Single Sign-On for simplified authentication

The new Platform Single Sign-On (SSO) tools in macOS 26 reduce friction during the authentication process for enterprise employees. Platform SSO can now be activated during automated device enrollment, meaning employees can immediately access managed apps, company services and their Managed Apple Accounts without additional sign-ins. This feature simplifies the device setup process for organizations onboarding large numbers of employees or contractors.

The addition of Authenticated Guest Mode benefits shared environments, such as schools or hospitals, by allowing temporary logins via organizational Identity Provider (IdP) credentials. This ensures that users can access only the resources they are authorized for, while personal data is automatically erased upon logout. This is especially beneficial in environments with transient users where data security and quick turnover are priorities.

Return to Service: streamlined device reuse

Apple’s improvements to the Return to Service workflow allow enterprises to retain managed apps during device preparation for reuse. This feature significantly reduces the time needed to prepare devices for new users in shared-use scenarios. For instance, retail organizations can erase user data while retaining critical operational apps, allowing devices to be redeployed within minutes rather than hours. Automated re-enrollment into MDM ensures that settings, restrictions and compliance policies are applied quickly and consistently.

If you have a healthcare use case, check out Return to Service features supported by Ivanti Neurons for MDM. By adding a Return to Service option on your Ivanti iOS client, your floor staff can safely repurpose devices with one click.

ManagedApp Framework for secure enterprise app configurations

The ManagedApp Framework, built on Declarative Device Management, introduces a structured approach to defining and passing configuration details to enterprise apps. This framework allows IT administrators to establish app behavior — such as server URLs, credential parameters or connection policies — tailored to specific employees or teams.

For example, an IT department can provide custom app settings for field technicians that include preconfigured server endpoints and unique digital certificates, while offering a more limited set of configurations for interns or temporary staff. The framework integrates seamlessly with features like Single Sign-On and Managed Device Attestation for secure, scalable and compliance-ready app deployments across industries. This feature requires support both from the application and from the MDM side.

Software updates changes in iOS/iPadOS/macOS 26

Apple is deprecating legacy software update management methods in iOS, iPadOS and macOS 26, and removing support in 2027 OS versions, requiring all organizations to transition to the new Declarative Management Software Update Enforcement and Software Update settings. Ivanti fully supports these new workflows, enabling automated and proactive update management. Declarative Management Updates are supported on iOS/iPadOS 17+ and macOS 14+. To prepare, customers should update their device management policies in Ivanti, configure Software Update Enforcement and settings for their devices and ensure compliance with Apple’s updated requirements—securing a smooth transition ahead of the deadline.

Key takeaways for enterprise IT

Apple’s WWDC announcements introduce meaningful improvements for enterprise IT, from streamlined device reuse to more flexible management and security controls. Using Ivanti’s endpoint management solutions alongside these new Apple features will help organizations automate deployments, ensure compliance and support diverse user needs with greater efficiency.