Connect
Ask Community
Ask the community
Ask Community
  • Home
  • iOS
  • iOS Updates Best Practice

iOS Updates Best PracticeSolved

Profile photo of nizzy
nizzy
Participant
Discussion
Hexnode UEM
1 week ago

I was just wondering how everyone deals with iOS Updates obviously for the update to install “The user needs to type in the password on password-protected devices to further approve the update.” we are audited regularly on ensuring devices (Windows, iOS, iPad OS & Android) are updated in a timely manner, iOS seems to be the one I struggle the most with.

We have a number of users that just dont seem to update their device and im having to chase them to get it done, I know I can “Clear Passcode to Force Update Installation” but that then leaves the device without a passcode until they pick one which basically just creates a new issue.

I looked at using a dynamic group that would then apply a policy to change the wallpaper to advise the user that there were updates and where to go to update, that image doesnt remove once its “compliant” though so they would need to change it and I feel like they’d end up leaving it as the wallpaper.

I then considered could I just disable access to a key app until the device was updated, I havent looked into how I could do this yet though.

So, what do you do to simplify the process for yourself?

Any feedback greatly appreciated.

topic view count 119 Views

Tags

Best Practices (11) Compliance (8) iOS (265) iPadOS (58) OS Updates (62)
Reply

Replies (4)

Marked SolutionPending Review
Profile photo of edenpierce Hexnode Expert image
edenpierce
Hexnode Expert
6 days ago
Marked SolutionPending Review

Hey @nizzy,

Thanks for reaching out!

Managing iOS updates can be tricky, but here are a couple of ways to streamline the process while ensuring compliance:

    1. Using Password Policy:
      If you have a Password policy associated with the device, you can force the update by clearing the passcode. After the update, the user will be prompted to create a new passcode based on the policy settings. This ensures that the update is enforced while maintaining security.  Even if they ignore it at first, after the grace period (up to an hour) allowed by iOS, they will be forced to set a new passcode in order to use the device.
    2. Send Broadcast Messages as a Reminder:
      You can use the Broadcast Message remote action in Hexnode UEM to send update reminders directly to users.

Let me know if you’d like more details on any of these approaches!

Best regards,
Eden Pierce
Hexnode UEM

Marked SolutionPending Review
Profile photo of nizzy Novice image
nizzy
Participant
4 days ago
Marked SolutionPending Review

Edenpierce,

Thank you for that response, so im pleased to report that Send Broadcast Messages is one of the tools ive been regularly using and is the main one that gets most of the users to go through with the update.

We also currently use a password policy, I was just a little wary of forcing the update and thus removing the password short term if they didnt have the device on their person it potentially created a risk of exposure of data on the device.

To update on something I am going to try as well, I have created a Dynamic Group as below:

Screenshot 2025-02-14 at 12.08.41.png

I have then associated a Policy with that which basically puts the device into Kiosk mode so they can only use Settings, Phone & Messages until the update is done, once the update is done it removes from the Dynamic Group and returns back to full functionality.

I’ll let you know how that goes.

Marked SolutionPending Review
Profile photo of ben_clarke Hexnode Expert image
ben_clarke
Hexnode Expert
3 days ago
Marked SolutionPending Review

Hi @nizzy,

That sounds like a solid approach!

We tested the same, and it worked as expected. However, we recommend trying it in a test environment before deploying it in bulk.

Let us know how it turns out! Feel free to reach out if you have any questions.

Best regards,
Ben Clarke
Hexnode UEM

Marked SolutionPending Review
Profile photo of nizzy Novice image
nizzy
Participant
3 days ago
Marked SolutionPending Review

Ben,

Yeh I have it set to specific serial numbers at the moment so that I can single out users while testing I just didnt want to show that in the screenshot I submitted as thats not how it will work once we pass testing 🙂

Regards

Kevin

Load more
Save
Related Topics

Leaderboard

Profile photo of bram Veteran image
bram
530 pts
Profile photo of boris Veteran image
boris
520 pts
Profile photo of ronnie Veteran image
ronnie
505 pts
Profile photo of wilma Veteran image
wilma
480 pts
Profile photo of tommy Veteran image
tommy
455 pts
View all

Popular Tags

ABM (32)
Android (315)
iOS (265)
macOS (331)
Windows (190)
Apple TV (19)
App Management (268)
Enrollment (60)
Location (21)
Kiosk (154)
Scripts (68)
DEP (34)
OS Updates (62)
Android Enterprise (73)
View all