What’s new for enterprise in iOS 14

Find out about the enterprise content that Apple has released for iOS 14.

iOS 14 updates improve the stability, performance or compatibility of your device and are recommended for all users. Device administrators can manage software updates using an MDM solution. 

For information about general improvements, find out about iOS 14 updates.

iOS 14.3

  • Resolves an issue that could cause AirPrint devices to not appear when managing printers with a configuration profile.
  • Devices will correctly prompt users to change their password after the defined Maximum passcode age from the Passcode Payload has passed.

iOS 14.2

  • When MDM defines a network via a Wi-Fi settings payload and disables the MAC address randomisation option, the Private Address feature can no longer be enabled manually by users.
  • If the Global HTTP Proxy payload is configured to not allow direct traffic as a fallback, devices will no longer allow direct traffic when the PAC is unreachable. 
  • When a Private Address is enabled for a wireless network, the hardware MAC address will no longer appear in ARP traffic.

iOS 14.1

  • Always-On VPN configurations without the CellularServices service will now connect to VPN over mobile. 
  • Third-party file provider applications will no longer display “Content Unavailable” in the Files app. 
  • Third-party VPN apps reconnect successfully following a network transition.

iOS 14

iOS 14 includes new features such as per-account VPN, single sign-on enhancements and other device management improvements. 

Device Management

  • The Installed Application MDM query minimises impact on device load by specifying an array of items to return. 
  • iOS 14 introduces a new Wi-Fi privacy feature. When an iPhone connects to a Wi-Fi network, it identifies itself with a randomised MAC address. The MAC address randomisation behaviour only generates a new MAC address once for each Wi-Fi network that a device joins. A new random address will only be generated for a known network following “Reset Network Settings”, “Erase All Content and Settings” or “Reset All Settings” actions. For networks defined by a Wi-Fi settings payload, this can be disabled with the DisableAssociationMACRandomization option.
  • The Setup Assistant settings payload allows for a list of setup items that can be skipped following automated enrolment and future updates. 
  • Managed apps can now be identified individually as unremovable by the user. 
  • Fonts installed via a configuration profile will only be visible to apps implementing the Font APIs introduced in iOS 13. 
  • Devices now return correct DeviceCapacity values to the DeviceInformation MDM query
  • Web Clips installed by MDM will open in the specified app without prompting for user approval. 
  • Reinstalling an Exchange ActiveSync payload on a device will not cause a prompt for authentication. 
  • A device can be updated successfully to iOS 14 via MDM while in Single App Mode. 
  • Apple Configurator can now modify the home screen layout for iOS devices. 
  • For an account configured with the Exchange ActiveSync payload, the server returned via AutoDiscover will be ignored if a server is specified in the profile with the Exchange hostname key. 
  • You can upload a file from a managed source to a managed domain in Safari. 
  • The ListAvailableUpdates MDM command is only valid on supervised devices. 


  • Exchange accounts on iOS 14 configured for OAuth with Microsoft cloud-based services (such as Office365 or outlook.com) will be upgraded automatically to use Microsoft’s OAuth2 identity platform (v2.0).
  • Emails for Exchange calendar invitations that contain notes will no longer result in the “This message is only partially downloaded” message. 
  • The sending account will not be auto-updated from a managed to an unmanaged account when composing a new email. 
  • Fixes an issue in Mail where new messages may not appear in the Inbox.
  • Mail no longer prompts repeatedly when the account password has changed. 

Bug fixes and other improvements

  • If an IKEv2 VPN payload omits any values in Dynamic SA parameters, the defaults in iOS 14 will be set to:  
    • NEVPNIKEv2EncryptionAlgorithmAES256
    • NEVPNIKEv2IntegrityAlgorithmSHA256
    • NEVPNIKEv2DiffieHellmanGroup14
  • CryptoTokenKit now includes support for persistent tokens. Persistent tokens allow third-party extensions to use cryptographic items stored on a Smart Card or networked hardware security module (HSM). 
  • Safari displays a warning when connecting to websites that use TLS v1.0 or v1.1. 
  • Addresses an issue that could cause a device to become unresponsive when initiating an AirPlay mirroring session with an Apple TV.
  • Fixes an issue that prevented VPN connections from reconnecting.
  • Resolves an issue that could cause the Contacts app to quit unexpectedly if more than one source account is set up.
Published Date: