Apple’s latest major innovation, unveiled at their Worldwide Developers Conference, was “Apple Intelligence” – their distinctive take on AI technology. Rather than simply joining the AI trend, Apple has developed their own approach that emphasizes user experience and privacy protection.
While sharing the “AI” initials with artificial intelligence, Apple Intelligence stands as its own branded technology. The company’s messaging highlights how this technology will enhance common tasks like writing and Siri interactions, while maintaining strict privacy and security standards – a feature that should resonate well with IT security departments.
IT professionals should prepare for two waves of response:
- First from users as they begin experiencing Apple Intelligence
- Second from their organization’s security and compliance teams who will need to evaluate the implications of this technology.
Apple’s focus is clear: Apple Intelligence is designed to make everyday tasks—like writing, communicating, and using Siri—more intuitive and efficient, all while safeguarding user privacy. This approach benefits not just end users but also IT and security teams who manage Apple devices.
Meanwhile, security, compliance, and governance teams will also take notice, with questions on its implications and security measures.
What is Apple Intelligence?
Apple Intelligence refers to Apple’s suite of machine learning and AI-driven features designed to enhance user experience across its ecosystem. Embedded deeply into macOS, iOS, iPadOS, and watchOS, these features enable devices to learn from user behavior and adapt accordingly, enhancing productivity and making devices smarter and more responsive. Some well-known features of Apple Intelligence include:
- Writing Tools
- Image Playground
- Genmoji
- Siri with App Intents
- Integration with ChatGPT
However, enterprises may hesitate to fully embrace Apple Intelligence, as it may conflict with strict data security or compliance policies. Recognizing this, Apple has now given IT administrators the control to manage – and even disable – specific intelligence features.
Apple Intelligence System Requirements:
Mobile Devices:
- iPhone: Limited to 15 Pro and Pro Max models (requires A17 Pro chip)
Tablets and Computers:
- All M1 or newer:
- iPad Air
- iPad Pro
- MacBook Air
- MacBook Pro
- iMac
- Mac mini
- Mac Studio: M1 Max or newer
- Mac Pro: Requires M2 Ultra
Why Hand Over Control to IT?
The release of Apple Intelligence requires organizations to address security and compliance concerns proactively. Security teams will naturally focus on data protection, specifically questioning data handling, access controls, and security measures for company information.
These are familiar challenges in the AI landscape, and Apple appears to have developed comprehensive solutions. Their approach centers on minimizing off-device data transmission, with specific protective measures built into PCC to safeguard user data privacy.
Rather than simply requesting trust, Apple is implementing verifiable security measures that organizations can evaluate independently. They’re committing to transparency through a promised public third-party audit.
The OpenAI collaboration has drawn particular attention, but Apple has implemented several safeguards: ChatGPT integration requires explicit user consent, IP addresses will be masked, and importantly, user interactions won’t be stored in the cloud or used to train OpenAI’s models.
The key to successful implementation likely lies in clear communication of organizational policies regarding both general AI usage and specific guidelines for ChatGPT integration within Apple Intelligence. With the power to switch off Apple Intelligence features, IT can:
- Enhance Security: Limit potentially sensitive data processing locally or externally, thereby minimizing data exposure and adhering to regulatory standards.
- Meet Compliance Standards: Apple Intelligence’s data-gathering capabilities may not align with compliance in industries where data protection is paramount. Disabling certain features allows organizations to comply with privacy laws like GDPR and CCPA.
- Increase Device Performance: By disabling intelligence features, IT departments can improve battery life, processing power, and network performance, which can be particularly beneficial for shared, high-demand devices in fields such as healthcare and education.
- Customize the User Experience: Organizations can now streamline devices to meet specific operational requirements, curating a more focused user experience that doesn’t rely on predictive behavior or machine learning.
How IT Can Disable Apple Intelligence
With macOS Sequoia 15.1, iOS 18.1, iPadOS 18.1, IT administrators can toggle Apple Intelligence features via mobile device management (MDM) platforms. Using these tools, they can disable or restrict Siri, Photos intelligence, and personalized suggestions, ensuring they operate strictly within the desired parameters.
These controls reflect a fundamental shift in Apple’s approach to enterprise device management, allowing IT teams to create customized, controlled experiences.
Let us see how using Microsoft Intune you can easily manage Apple Intelligence on your managed devices.
As always, Microsoft Intune acted swiftly and released Zero Day support for managing Apple Intelligence for Apple Platform. Microsoft Intune’s mobile device management (MDM) and mobile app management (MAM) controls are now updated to allow you to configure availability of these new capabilities. As detailed below, when Apple Intelligence features are released in iOS 18.1, iPadOS 18.1 and macOS Sequoia 15.1, Intune will allow you to customize usage for your environment.
Intune MDM controls for iOS, iPadOS and macOS devices
For Apple managed supervised devices (ADE enrolled iOS/iPadOS and all macOS), Intune supports new settings for Apple Intelligence in the Restrictions payload and Math Settings declaration. These settings require the device to be supervised. For personal or bring-your-own (BYO) iOS /iPadOS devices there are no MDM provided controls. For customers looking for control on BYO or non-supervised devices, we support Intune MAM controls on both managed and unmanaged devices.
For iOS 18.1, iPadOS 18.1 and macOS Sequoia 15.1 Intune will support the following configuration controls starting in the noted Intune service release:
Intune MAM controls for iOS, iPadOS and macOS devices
For Intune MAM protected applications running on iOS 18.1 and later, Intune will control access to new Apple Intelligence features as they release. As of September 2024, only the Writing Tools feature is available in MAM protected applications. The remaining Apple Intelligence features are available only in system applications, such as Notes or Calculator’s Math Notes, which don’t support Intune MAM. Existing Intune MAM settings to control incoming data will continue to allow you to customize the behavior for data shared into MAM protected applications, including for AI generated content.
All apps that have integrated the noted Intune App SDK version and later will manage the following Apple Intelligence features. We’ll post new MAM protections here, including the supported App SDK version.
The configuration is also pretty straightforward. Almost all these restrictions are available under Restriction in Settings Catalog.
To configure them for macOS, you simply need to create a restriction policy using the below steps:
- Sign in to the Intune admin center.
- Select Devices > Manage devices > Configuration > Create.
- Enter the following properties and select Create:
- Platform: Select macOS.
- Profile: Select Settings catalog.
- In the Basics tab, enter the following information, and select Next:
- Name: Enter a descriptive name for the policy. Name your policies so you can easily identify them later.
- Description: Enter a description for the policy. This setting is optional, but recommended.
- In Configuration settings, select Add settings > select Restriction .
- Choose Select all these settings and then close the settings picker.
- Configure the settings that you would like to allow/block on the macOS devices managed in your tenant.
To configure them for iOS/iPadOS, you simply need to create a restriction policy using the below steps:
- Sign in to the Intune admin center.
- Select Devices > Manage devices > Configuration > Create.
- Enter the following properties and select Create:
- Platform: Select iOS.
- Profile: Select Settings catalog.
- In the Basics tab, enter the following information, and select Next:
- Name: Enter a descriptive name for the policy. Name your policies so you can easily identify them later.
- Description: Enter a description for the policy. This setting is optional, but recommended.
- In Configuration settings, select Add settings > select Restriction .
- Choose Select all these settings and then close the settings picker.
- Configure the settings that you would like to allow/block on the Apple devices managed in your tenant.
If you are restricting Apple AI features on the devices, then it is recommended that you also disable the Apple Intelligence key in Setup Assistant screens.
Verify payload on the device
Conclusion
Apple Intelligence marks a new chapter in Apple’s relationship with the enterprise world, combining user-centric AI capabilities with advanced management tools that put IT departments in control. By empowering IT teams to manage, customize, and secure Apple Intelligence features, Apple is enabling organizations to strike an effective balance between user experience and stringent security and compliance standards.
As these new capabilities unfold, IT professionals can look forward to enhanced control over device intelligence, creating a work environment that is as secure as it is productive. Apple’s approach is a significant step forward, ensuring that both users and IT administrators can harness the power of AI in ways that respect privacy and enhance organizational functionality. By handing over the “keys” to IT, Apple is reinforcing its commitment to both innovation and the unique demands of the modern enterprise landscape.
