Extracted Text: AppleKeynote_Apple_Platform_Security_for_Enterprise_2026

Slide 1

• Presenter Name
• Title
• Date
• Apple Platform Security
• for Enterprise

Slide 2

Slide 3

• Technology
• that delivers a consumer-like experience
• at work

Slide 4

• Technology that’s secure and easy to deploy for IT

Slide 5

• Source: IDC White Paper, sponsored by Apple: The Business Imperative of Secure Endpoints, Doc #US51204723, September 2023. N=513
• Security is the top factor for IT decision makers
• Security

Slide 6

• IT decision makers are looking for
• built-in
• security
• Source: IDC White Paper, sponsored by Apple: The Business Imperative of Secure Endpoints, Doc #US51204723, September 2023. N=513
• 72%
• Very Important
• Somewhat
• Important
• Not
• Important
• How important is security built
• from the ground up — including
• the silicon, firmware and OS?

Slide 7

• Encryption and biometrics are key
• built-in
• features
• Source: IDC White Paper, sponsored by Apple: The Business Imperative of Secure Endpoints, Doc #US51204723, September 2023. N=513
• IT decision makers who say integrated data encryption is very important
• 71%
• 91%
• IT decision makers who believe biometrics are more secure than passwords

Slide 8

• Advanced security that’s
• built right in

Slide 9

• Security
• User experience

Slide 10

• Networking
• 􀁢
• Security
• 􀁢
• Deployment
• 􀁢
• Management
• 􀁢

Slide 11

Slide 12

• Focus on the User

Slide 13

• Traditional Security
• Physical security
• Secure configuration
• Installing latest patches
• Password policy
• Vetted apps
• Mandated policies
• Security at Scale
• Security built from silicon up
• Secure default settings
• Easy updates
• Secure biometrics
• App Store
• Ease of use

Slide 14

Slide 15

• File System Data Protection

Slide 16

Slide 17

• Passcode usage since biometrics
• 49%
• Before
• After
• 92%

Slide 18

• Deep Integration

Slide 19

Slide 20

• Security components

Slide 21

• Secure Enclave

Slide 22

• Secure Enclave
• Sensor
• 01001010
• 10100101
• 01010001
• 11100010
• 01 01 10
• 10 0 101
• 010 0 1
• 1 10 0

Slide 23

• Touch ID
• Face ID
• Optic ID

Slide 24

• Secure Enclave
• Touch ID
• Apple Pay
• FileVault
• Data Protection

Slide 25

• Secure Boot
• Signed system volume
• System integrity protection
• Secure Enclave
• Touch ID
• Apple Pay
• FileVault
• Data Protection

Slide 26

• Memory Integrity Enforcement
• Always-on memory safety protection
• Secure Allocators
• Enhanced Memory Tagging Extension
• Tag Confidentiality

Slide 27

• Ecosystem

Slide 28

• Secure software updates
• 1

Slide 29

• App security and malware protection

Slide 30

• Secure networking and services

Slide 31

• Hardware security
• System security
• Encryption and
• Data Protection
• Network security
• Services
• App security
• Built-in security
• at every layer

Slide 32

• Ongoing Security

Slide 33

• Apple Security Research
• security.apple.com

Slide 34

• Security Research Device

Slide 35

• Private Cloud Compute
• Virtual Research Environment

Slide 36

• Apple Security Bounty

Slide 37

• Designed to meet
• compliance standards

Slide 38

• Component manufacturing
• Distribution centres
• Module manufacturing
• Final
• assembly
• Supply chain security

Slide 39

• Supply chain security
• Data collection
• Software deployment
• Data collection
• Software deployment
• Device integrity
• Device restoration
• Data collection
• X-ray inspection
• Software deployment for assembly and test
• Device integrity
• Device restoration
• Component manufacturing
• Final
• assembly
• Data collection
• Software deployment
• Distribution centres
• Module manufacturing

Slide 40

• Crypto Modules
• (User, kernel and SKS)
• corecrypto
• iOS
• iPadOS
• watchOS
• tvOS
• sepOS
• T2OS
• macOS
• visionOS
• FIPS 140-2
• 2019
• 10.0
• FIPS 140-3
• 2020
• 11.1
• 2021
• 12.0
• 2022
• 13.0
• 2023
• 14.0
• 2024
• 15.0
• FIPS 140-2, FIPS 140-3, ISO, IEC 19790
• Cryptographic module validations
• Pending on NIST
• Certification in process
• Pending on NIST
• Certification in process
• Pending on NIST

Slide 41

• 2020
• 2021
• 2022
• 2023
• 2024
• Platforms
• iOS 14 
iPadOS 14
• macOS Big Sur 11
• iOS 15 
iPadOS 15
• iOS 16 iPadOS 16
• macOS Ventura 13
• iOS 17 iPadOS 17
• macOS Sonoma 14
• iOS 18 iPadOS 18
• macOS Sequoia 15
• Additional compliance claims
• MDM WLAN VPN Safari Contacts
• FileVault
• MDM WLAN VPN Safari Contacts
• MDM WLAN VPN TLS Bluetooth Biometrics
• FileVault
• MDM WLAN VPN TLS Bluetooth Biometrics
• FileVault
• MDM WLAN VPN TLS Bluetooth Biometrics
• FileVault
• Common Criteria certification
• Evaluation being finalised
• Mutual Recognition by all 31 CCRA-consuming national schemes
• CCRA members
• Evaluation underway

Slide 42

• Resolution: 40 to 60 um feature detect
• Apple-designed station security
• X-ray inspection
• Automated optical anomaly detection
• Supply chain security

Slide 43

• Apple Platform Certifications
• support.apple.com/guide/certifications
• FIPS 140-2
• FIPS 140-3
• COMMON CRITERIA

Slide 44

• Enables German government
• employees to process sensitive
• data on devices
• Native iOS and iPadOS without
• a third-party add-on solution
• Face ID and Touch ID approved
• German Federal Office for Information Security (BSI)

Slide 45

• Deploy and secure straight
• out of the box

Slide 46

• Security
• User experience

Slide 47

• Security
• User experience
• Manageability

Slide 48

• Built-in
• antimalware
• System Integrity Protection
• Built for
• Apple silicon
• Faster security improvements
• End-user privacy controls
• Zero-touch deployments
• T2 Security Chip
• MDM
• framework
• Free macOS upgrades
• Touch ID
• Full disk
• encryption
• Single Sign-On
• extension
• Managed software updates
• Erase all content
• and settings
• Endpoint Security framework
• 2019
• 2018
• 2017
• 2016
• 2015
• 2014
• 2013
• 2012
• 2011
• 2009
• 2022
• 2021
• 2020
• 2023
• Zero trust with device attestation
• 2024
• Passwordless
• device enrolment
• 2025
• Memory integrity on M5

Slide 49

• Management and security frameworks

Slide 50

Slide 51

• Automatically enrolled in MDM

Slide 52

Slide 53

• Zero trust with
• Managed Device Attestation

Slide 54

• Device management capabilities
• Configure email accounts
• Organise apps in the dock
• Install apps
• Remote wipe
• Restrict settings
• Manage preferences
• Enforce FileVault
• Configure enterprise Wi-Fi and VPN
• Enforce passcode
• Hide system apps
• Restrict data flow
• Apply restrictions
• Manage local user account

Slide 55

• macOS Security Compliance Project
• pages.nist.gov/macos_security/
• NIST 800-53 Rev 5
• NIST 800-171 Rev 2
• CNSSI 1253
• DISA STIG
• CIS Level 1
• CIS Level 2

Slide 56

Slide 57

• Apple Business Manager
• Restrict personal Apple Accounts
• AppleCare and device inventory data
• APIs to automate management tasks

Slide 58

• Device management migration

Slide 59

• Set new management service
• Enforce by deadline

Slide 60

• Full screen enforcement after deadline
• Old configurations and apps are removed. New ones are installed.

Slide 61

• App update management
• Manage app update behaviour per app
• Pin specific app versions
• Enforce or disable automatic updates

Slide 62

• Return to Service
• Designed for shared use deployments
• Preserves managed apps on erase
• Now available for Vision Pro

Slide 63

• Management and security frameworks

Slide 64

• Endpoint Security for Mac
• Monitor authentication activity
• Monitor external drive mount activity
• Monitor XProtect and Gatekeeper notifications
• Monitor login and logout activity
• Monitor process executions and forking

Slide 65

• MDM and Endpoint Security solutions
• MDM solutions
• Endpoint Security solutions

Slide 66

• Management and security frameworks

Slide 67

• Managed Apple Accounts
• Connect to your identity provider
• Sign in with federated authentication
• Verify your domain for accounts
• Manage access to Apple services
• Limit Sign-in to Managed Apple Accounts only

Slide 68

• Use Face ID to sign in to apps and websites
• Sign in once in
• Mac login window
• Single sign-on integrations

Slide 69

• Single Sign-On for Mac
• macOS Tahoe 26 new features
• Platform SSO registration during setup
• Authenticated Guest Mode for shared use
• Tap to Login for Mac

Slide 70

• Monitor for malicious activity
• with Endpoint Security
• Set baselines and manage security with MDM
• Integrate with your identity provider for single sign-on

Slide 71

• Security in action

Slide 72

• 29
• Years in business
• 30M+
• Customers
• 4,000+
• Mac computers deployed

Slide 73

• reduction in
• power consumption
• 50%
• reduction in
• support requests
• 80%
• malware incidents
• after switching to Mac
• 0

Slide 74

• Guilherme Ximenes
• CTO, Inter
• “Security is one of our main pillars of value at Inter.
• We chose Mac because of the robust security features and streamlined ecosystem, which collectively reduced our IT workloads.”

Slide 75

• Enterprise
• Security
• Managed device attestation
• Apple Business
• Manager
• Endpoint Security
• framework
• Zero-trust principles
• Built-in
• antivirus
• Software Update Management
• Zero-touch deployment
• Apple silicon — secure by design
• Identity integrations for single-sign on
• Mobile device management framework
• User Enrolment
• for BYOD

Slide 76

• Resources

Slide 77

• IDC White Paper:
• The Business Imperative of Secure Endpoints
• apple.com/uk/business/enterprise/resources

Slide 78

• Apple Platform Security
• support.apple.com/guide/security

Slide 79

• Apple Platform
• Deployment
• support.apple.com/guide/deployment

Slide 80