Update iOS Apps with MAM Policies for iOS/iPadOS 17 Upgrade

This post will outline a comprehensive plan for update iOS apps using Mobile Application Management (MAM) policies before upgrading to iOS/iPadOS 17. The upcoming release of a new iOS/iPadOS 17 OS can bring exciting features, improvements, and challenges, especially regarding app compatibility, and compliance.

As per the latest Intune plan for change, Planning for change and updating your iOS apps using Mobile Application Management (MAM) policies before upgrading to iOS/iPadOS 17 is essential to ensure the smooth transition of your apps and maintain security and compliance.

App protection policies (APP) are rules that ensure corporate data remains safe or contained in a managed app. App protection policies are supported on iOS and Android, where applications meet specific requirements.

Mobile Application Management (MAM) app protection policies allow you to manage and protect your organization’s data within an application. Many productivity apps, such as the Microsoft Office apps, can be managed by Intune MAM. 

Patch My PC
[sibwp_form id=2]

Plan for Change: Update iOS Apps using MAM Policies prior to Upgrading iOS/iPadOS 17

As mentioned in MC671810, Microsoft Intune will report any applications with SDK versions earlier than 17.6.1 on iOS/iPadOS 17 and later as non-compliant with Conditional Access, Expected in September 2023.

MessageServiceCategoryPublishedMessage ID
Update your iOS apps using MAM policies prior to upgrading iOS/iPadOS 17Microsoft IntunePlan for change8/30/2023MC671810
Table 1 – Update iOS Apps with MAM Policies for iOS/iPadOS 17 Upgrade
Plan for Change: Update iOS Apps with MAM Policies for iOS/iPadOS 17 Upgrade Fig.1
Plan for Change: Update iOS Apps with MAM Policies for iOS/iPadOS 17 Upgrade Fig.1

Organizations using the Conditional Access grant “Require App Protection Policy (APP)” must upgrade their iOS apps to the latest version before upgrading to iOS/iPadOS 17 to ensure applications stay secure and maintain access to Conditional Access protected services.

This change ensures that apps are using Intune iOS SDK version 17.6.1 or higher to support the upcoming iOS/iPadOS 17 release.

Update iOS Apps with MAM Policies for iOS/iPadOS 17 Upgrade Fig.2
Update iOS Apps with MAM Policies for iOS/iPadOS 17 Upgrade Fig.2

How this will affect your organization

If you do not use, or do not plan to use mobile application management (MAM/APP), disregard this notice.

Adaptiva

If users do not upgrade their apps to the latest version prior to upgrading to iOS 17, the app will fail the “Require App Protection Policy” Conditional Access check, and these apps will be unable to connect services such as Microsoft 365.

User Impact: Users will need to upgrade their app to maintain access to company data. If they do not upgrade their app, they will need to do so to restore access to these services. 

What you need to do to Prepare

Communicate this change to your users to ensure they upgrade their apps to the latest version prior to upgrading to iOS 17.

You can review the Intune APP iOS SDK version in use by your end users by using the MAM reports in the Intune Admin Console. Navigate to Apps > Monitor.

Update iOS Apps with MAM Policies for iOS/iPadOS 17 Upgrade Fig.3
Update iOS Apps with MAM Policies for iOS/iPadOS 17 Upgrade Fig.3

In the Monitor > App protection status, then review “Platform version” and “iOS SDK version”. Review applications with iOS SDK version less than 17.6.1.

A warning message appears showing that some data in this report takes longer to process. The column will show a syncing status while the data is being prepared.

Update iOS Apps with MAM Policies for iOS/iPadOS 17 Upgrade Fig.4
Update iOS Apps with MAM Policies for iOS/iPadOS 17 Upgrade Fig.4

Test App Compatibility, Create a testing environment to evaluate how your critical apps and MAM policies perform. Identify any issues and work on resolving them.

Once you are confident that your apps and MAM policies are compatible with iOS/iPadOS 17, schedule the upgrade for your organization.

Note there have been several service change notices to prepare for iOS/iPadOS 17, including MC666161 and MC578235. Please review all of your service change notices to prepare for Apple’s latest service release. 

Author

About Author – JiteshMicrosoft MVP, has over six years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus is Windows 10/11 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.