Sophos Mobile: Enforce iOS updates

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.


Overview

This article describes steps to enforce compliance policies so that an iOS device will update to the latest version. The automatic installation of updates will depend on some configurations defined by the end-user.
See: Update your iPhone or iPad

Requirements

  • Device must be supervised
  • Not compatible with Apple User Enrollment. (See step 3 for non-supervised or Apple User Enrollment devices)

Steps

  1. Create a task bundle for iOS & iPadOS devices.
    1. Name the task bundle
    2. Ensure to specify "Selectable for compliance actions"
    3. Go to: Add task > Install latest iOS update
    4. Save your changes



  2. Create or edit your compliance policy.
    1. Navigate to the iOS & iPadOS tab
    2. Select "Mandatory OS updates" and specify the desired option (typically "Latest critical update")
    3. Under "Transfer task bundle" specify the task bundle we created in the previous step
    4. Save your changes



  3. For Apple User Enrollment or Non-Supervised devices, the automated installation of iOS updates is not possible. We suggest informing your end-users of available iOS updates in these situations by sending custom notifications. The following steps describe how to accomplish this.
    1. Create a task bundle
    2. Name the task bundle
    3. Tick the box next to "Selectable for compliance actions"
    4. Select "Send message" as the task and populate the desired messaging to your end users
    5. Save your changes



    6. Using the same compliance policy used in step 2, select the desired "Minimum OS version"
    7. Under "Transfer task bundle" select the task bundle we created in the previous step



Spacing
[edited by: Qoosh at 11:06 PM (GMT -7) on 1 Oct 2024]