Apple Keynote 2025: What's new for enterprises with an MDM?

In addition to a complete visual overhaul of the design of all Apple devices with touchscreens, Apple unveiled several other features at this year’s keynote. But not all of these are relevant for companies that use Apple devices for work. In the following article, we’ll focus on the changes that are important for companies and explain how they impact working with an MDM.

Dynamic interfaces and features dominate the Apple Keynote 2025

The most discussed innovation at the Apple Keynote 2025 was the comprehensive redesign of the user interface. Apple is using a new material called Liquid Glass, which is designed to dynamically adapt the UI – for example, scaling the time display depending on the space. The app icons appear more modern thanks to their slight transparency, while the interface changes flexibly, for example, through scaling icons.

The new design will be available on all platforms from tvOS to visionOS. Apple’s apps themselves also received a redesign: toolbars and navigation have been redesigned to better fit the rounded hardware. Liquid Glass controls float above the content and dynamically adapt to the usage context. In iOS 26, tab bars shrink as you scroll to create more space for content, while new sidebars in iPadOS and macOS stylishly integrate content and wallpapers. These design elements are found in apps like Safari, FaceTime, and Apple Music.

Apps can also be more personalized, for example with translucent themes. At the 2025 keynote, Apple emphasized its focus on uniformity: All systems – whether iPhone, Mac or Vision Pro – will launch together with OS 26, named after the coming year.

What wasn’t mentioned in the Apple Keynote 2025: An insight for Apple Business users

Traditionally, at the WWDC Apple Keynote, only the features that are of interest to end users were presented. This doesn’t necessarily mean that companies won’t also benefit from iPhones becoming more user-friendly and their features becoming more intelligent; after all, this is how iPhones become popular work devices.

But for Apple Business users, other things are of course more in focus, such as the question of what changes Apple is making with regard to Apple Business Manager and Apple School Manager and how these will affect the use with an MDM (Mobile Device Management). Updates for Apple Business Manager & Apple School Manager Apple Business Manager and Apple School Manager are used by businesses and educational institutions to manage Apple devices within the enterprise.

Updates for Apple Business Manager & Apple School Manager

The main aim of the changes published is to provide IT admins with more security, control, and less support effort.

Furthermore, the separation between private and work profiles is to be made more stringent. To achieve this, Apple has introduced the new “Lock Domain” feature. This prevents private Apple IDs from being created using the company address – something that was previously unavoidable. Existing private accounts with the company address must be updated. To ensure this, IT admins can retrieve a list of all private Apple IDs on their own domain. Affected users can be contacted directly.

With the changes, Apple also brings new services such as App notarization for Managed Accounts – the ability for companies to only provide approved and tested apps. The goal of all these innovations: to make Managed Apple Accounts simpler and more attractive – and to relieve IT teams of manual effort.

Improvements to device management

Apple expands the Device information (Device Inventory) in Apple Business Manager and enables a new API interface to query and use this data automatically. This helps IT teams better manage and assign devices and resolve support cases faster.

In the ABM you can now also view additional details about registered devices. These include the Activation Lock status, device storage, mobile data (IMEI and EID of iPhones/iPads with SIM or eSIM), and information about who removed a device from the ABM and when this happened. In the ABM, you can now also view whether a device receives AppleCare and how long this coverage lasts. This makes it easier to keep track of which devices need to be repaired or replaced.

Additionally, as announced during the Apple Keynote 2025, Apple plans to introduce Bluetooth and Wi-Fi MAC addresses for iPhone and iPad. This will allow IT admins to restrict network access to known devices.

New interfaces (APIs) in ABM make life easier for IT admins

Previously, if IT admins wanted to access specific device information, they had to first log into the ABM via a web browser and search for it manually. Now, new APIs for the ABM and ASM are being added.

IT admins can now retrieve device lists, assign devices to an MDM server, and view the status of batch commands. As part of the Apple Keynote 2025, it was announced that more features are to follow. To use these APIs, an API account must be created in ABM, the private API key generated and downloaded, and integrated into a management tool (e.g., MDM). This allows for the automation of key processes such as device assignment and inventory reconciliation, among other things.

Apple simplifies device management with new enrollment and migration features

During the Apple Keynote 2025, Apple also announced some simplifications for the enrollment of devices in ABM and their connection to an MDM. Not all devices can be automatically added to an MDM system—for example, with BYOD (Bring Your Own Device). Apple now offers a simpler alternative for such cases: Account-driven enrollment – ​​enrollment is easy using the user’s Managed Apple ID.

With iOS 26, IT teams no longer need to set up their own forwarding URL on their domain. Instead, the MDM server can provide the necessary URL directly via Apple Business Manager. This means enrollment works automatically, securely, and with privacy in mind, even without the need for a separate DNS configuration.

Another important new feature Apple is providing for IT admins is the ability to migrate MDM servers without wiping devices. Previously, a device could only be transferred from one MDM to another if all data was erased from the device. Now, you have the option to transfer all of the company’s devices registered in ABM or ASM to a new MDM at once, or to set a deadline after which the migration will start automatically. Users will be notified, and all old configurations will be removed, and the new ones will be installed. Sensitive settings such as Activation Lock and FileVault keys are also transferred automatically.

Updates & Return to Service

Apple’s Declarative Device Management (DDM) has been available since iOS 17, iPadOS 17, and macOS Sonoma. This includes the ability to postpone system updates, specify update intervals, and define update deadlines. In the future, these settings will be stored entirely in ABM, rather than being managed via MDM. Safari will also be able to be managed via DDM in the future. New features include the ability to better manage bookmarks and set a default homepage in Safari.

As part of the Apple Keynote 2025, it also became clear that Apple wants to ensure even greater loyalty among business customers to their devices. The so-called “Return to Service” process has been improved: If the device user is changed, their data will be deleted as before, but iPhones and iPads can still retain managed apps when they are reset. This eliminates the need to re-download apps, saving valuable time for the next user. This feature is enabled by a new key in the cloud configuration. In addition to the new key, you must also wait for the device to be configured. Once the device has reached the “awaiting configuration” status, you can install the apps you want to keep. When you release the device, the system creates a snapshot of the currently installed applications. After the next reset, you must send the Install-Application command or the Managed-App declaration to take over management of the received applications before releasing the device from the waiting configuration. Resetting without re-downloading apps not only speeds up the transition time between users, but also helps in environments with network restrictions.

App updates & identity integrations are easier than ever

On iOS and iPadOS, the Managed Apps configuration now offers options for defining update behavior for each individual app. This gives organizations even more control over their managed apps. They can force or disable automatic app updates. Apps can also be pinned to a specific version, allowing for a more controlled release process. IT admins can also view the status of app installations in real time and specify whether to restrict app downloads over cellular networks. With all these new features, IT teams gain even more control over the apps on their devices.

Apple simplifies identity management through deeper integration of Platform Single Sign-On (SSO) in the Setup Assistant. This allows users to log in with their corporate account directly during the initial setup of a Mac – without any detours and without separate configuration afterward.

For shared devices, such as in schools, clinics or retail stores, Apple now offers the new Authenticated Guest Mode. This allows different users to securely log in to the device using their cloud identity, with all data being automatically deleted after the session. A special highlight is “Tap to Login“: Users can now easily register via iPhone oder Apple Watch via NFC, similar to a digital access card. The access data is stored securely in the Secure Enclave, which enables login without a password and at the same time meets the highest security requirements.

With the announcements at the Apple Keynote 2025, Apple is making it clear that the Apple ecosystem is becoming more attractive not only for end users, but also for businesses and educational institutions. From new APIs and device management features to simplified MDM migrations and smarter identity management – ​​IT admins gain more control, security, and automation. This saves time, reduces support overhead, and noticeably simplifies day-to-day administration.