Ntiva Live: Apple for Business

Big Sur Updates, 3rd-Party Browser Extensions, & M1 Chip Set Compatibility
March 9, 2021

Episode Overview

In this episode, we discuss new updates for Big Sur and Catalina, OS and browser extensions, and software compatibility for new the M1 chip set.

  • OS Catalina and Big Sur 11.2.3 updates
  • Grammarly and other 3rd-party browser extensions
  • Software compatibility with M1 chip set.

 

Sign Up Today

Complete the form to register for the Ntiva Apple for Business Livestream series. You’ll get an email reminder before each livestream, plus an email with a link to the recording in case you miss any of the live events.

Episode Transcript

Ben:

We changed systems. I'm jumping around from one app to another. This is why I'm starting to think this would be the benefit of having a dedicated room where you just walk into it, it's always set up the same, nothing ever changes, nobody touches anything and you just sit down and everything works. Unfortunately, that's not the world we live in, we deal with constant changes, we're trying to get one computer to do everything, including be a recording studio. It works great but when it doesn't work, it can be frustrating. In fact, Chad I think earlier today you had applied the most recent Mac OS update and you were having some audio issues and that's not uncommon, right?

Chad:

No.

Ben:

I mean, that happens. The Camera just fell. That even happens to us at times.

Chad:

It doesn't really matter what your experience level is, it's one of the many evils we have to learn to deal with and accept and just roll with it. I applied the update and restarted my Mac and then I couldn't for the life of me get Teams to pick up my headphones so I can hear you. We have to extend a lot of grace to each other these days.

Ben:

So when that happens, some tips, some tricks, you could try-

Chad:

Change source.

Ben:

What's that?

Chad:

Just change source. It usually works for me, say if I want to choose my headphones, I'll choose system sound for example, and then switch back, that typically works. Occasionally it doesn't but most of the time changing sources will help.

Ben:

Check your source, change your source and sometimes I've even had to turn Bluetooth off and back on if my AirPods are not working correctly and then if you don't have Bluetooth go back to a corded solution until you can fix your Bluetooth. So what I want to talk about today is kind of going back to the basics of management but some of this is brand new for a lot of people because Apple is constantly changing things. Before we get into that, Chad I wanted to do a follow-up on Silver Sparrow because two weeks ago, that was in the news, everybody was talking about it, everybody was concerned about it. I haven't heard much recently. Anything happened with silver sparrow?

Chad:

There's not much to tell. The way that we left it last time is there was this very mysterious, new type of... and let's take that with a grain of salt, it's all new because the architecture is new and one architecture in Apple ecosystem is brand new. So we expect to see new things, are they worse? Are they more insidious? That has yet to be seen. Silver Sparrow is a great case in point because it didn't deliver any nefarious act, there wasn't any outcome to it, it was just discovered on the machines. Tony and Katie from Red Canary, Thomas Reed too, Malwarebytes, they very quickly established a synthesis of that and shared that and there really hasn't been much activity since, so we can expect more excitement.

Ben:

So excellent a fire drill for the community to get ready for potential issues in the future and I don't know if you noticed, but can you see my screen? I shared my screen, can you see it?

Chad:

I can.

Ben:

I'm sharing my screen. Okay. Just want to make sure, earlier today I was sharing my screen and it was not visible and I'm going to try to follow chat yes, you can see my screen. Thank you, Holly and Chad, if you can help me, if anyone wants to post a question or comment in chat, that would be great. Chad and I will do our best to keep an eye on that but if you're not aware, we're moving our blog posting to the Ntiva domain so under resources Ntiva blog, and if you click on I think it's the Apple tag, right here. You'll see all the Apple articles. This is the most recent one Chad had posted a couple of weeks ago and related to Silver Sparrow, I want to mention in related to the conversation that Chad talked about, how he updated his operating system, had some audio issues this morning. There is an update under the Apple menu-

Chad:

[crosstalk 00:04:40], that's another auto band too, which is important to note, out of band releases are critical. There are things that aren't part of the regular calendar, the scheduled releases of updates. Which means that there's usually something that has emerged in the wild, this is the case in point, there was another vulnerability discovered. Shout out to [Klomal Leseen 00:05:07] from Google's Threat Analysis Group and Alison Huffman of the Microsoft Browser Vulnerability Research Center. They uncovered a flaw that had to do with remote code execution and the browser and so this update specifically addresses that CVE, that particular vulnerability. So we recommend that it's 14.4.1 now in iOS and that's essential. I would recommend everybody updates as soon as you can.

Ben:

Yeah. Thanks Chad. So Apple released yesterday afternoon I think as you said, iOS 14.4.1, iPad OS 14.4.1, watch OS 7.3.2, Which you get through your iPhone in order to apply the patch to your watch and then Mac OS 11.2.3. So you can see I'm still running 11.2.2, 11.2.3 came out and there are multiple ways to update. You may have automatically keep my Mac up to date, which means it's going to try tonight to run that update. Sorry, I think it says that somewhere. I thought it used to, maybe it doesn't anymore. It will try to run that update if you let it sit long enough at night plugged in connected to the internet, all those things that you may or may not be doing. We also will have for our clients who are under our management system, we do apply updates. I just want to reiterate again, there are differences... minimize this that I do not disturb. Okay, there are differences between-

Chad:

Just FYI Ben, I still see the blog post. I'm not seeing whatever you're doing.

Ben:

My sharing is really delayed.

Chad:

Yeah, just FYI I just see the Silver Sparrow blog post is what I see on the screen.

Ben:

I had a meeting yesterday with people from Zoom, actually that had nothing to do with troubleshooting. We were talking with a client about moving to Zoom and I was sharing my screen and this started happening. So it started happening yesterday, my screen sharing is not happening in Zoom, on par with what I would expect and to be fair, maybe it's not Zoom maybe it's all my apps. My computer I restarted before the presentation, my next troubleshooting step will be to go look at my router and my local network, it seems to be working except for screen sharing, but maybe I need to restart my router.

Chad:

Your voice and your video or are solid. So it's probably not the network.

Ben:

Okay. So right now you see software update window.

Chad:

Now it's working.

Ben:

Okay. So right now, you see Software Update window?

Chad:

Now it's working, yeah.

Ben:

Okay. Yeah, I think it's just really delayed because I didn't change anything. We'll move on. We've been doing this for a year.

Chad:

Great.

Ben:

This is the first time in a year I can't screen share properly, so we'll get back there. But updates are tricky. I just want to talk through updates briefly. And in a reminder, we're talking about updates, incremental updates. This is an update as opposed to an upgrade. If you're not running Big Sur, don't upgrade to Big Sur just because you see I'm running it.

Chad:

Just to get this right.

Ben:

In fact, I would say historically, we wouldn't start recommending a new Mac iOS upgrade until we see something like 11.3 or 11.4. We're not there yet. This is a minor point release, 11.2.3. If this did not require a restart, this one does, I go to more info and it's-

Chad:

Well I should mention really quick too.

Ben:

Yeah.

Chad:

That if for folks that are not running Big Sur, there is an update for Catalina. It's Safari, right? It's a Safari related issue, right? So they've issued updates for Catalina so you don't feel left out if you're not running Big Sur.

Ben:

Man, I could have sworn before the presentation, I looked at this screen and it specifically said it will require the restart. But I don't see that right now. But I know it requires a restart. And the reason that's important is when you have automation, you don't want automation to just start surprising your team with restarts, right?

Chad:

Right.

Ben:

That doesn't go over well at all.

Chad:

No. No.

Ben:

So we will rely on Apple's prompting to apply this type of update. However, we also have a tool that internally we call nudge, and I wanted to try to show you that myself. But in order to invoke it, I have to make some changes because it's a behind the scenes binary, it doesn't run as an app. But this is what it looks like. And I want to share this because this is what we use when people have not restarted their machine or they have not applied those updates, and we really want them to. So your team will see this update box pop up and it will tell them relevant to the update what they need to do. And we try to tell you how long it's going to take. This says 15 to 20 minutes. Some of these updates do take-

Chad:

It's ballpark.

Ben:

Yeah, 15 to 20 minutes and we don't want you to think, "Oh, I'm just going to restart my machine. I'll be right back and join that meeting in 10 minutes." And then you come back to a screen that says it's going to be 20 minutes.

Chad:

Which is great, I mean we want you to update. It's really, really important. It's easy to put these off and increase your risk. No one wants to ruin their day if we can prevent it. And so if we get prompted, try to work that into your schedule without impacting your productivity.

Ben:

And what will happen with Nudge is we give people the option to either start it or ignore it up to the days remaining. In this example, 64 days, that's plenty of time. But if on the last day they still haven't done it, they have to do it. So that's the best we could come up with. We're always looking for ideas on how to apply updates that require restarts. But yeah, it's not easy. So yes, there is an update. Yes, it's safe to apply. But it's not super urgent. Don't freak out if you haven't applied it. I haven't applied it. It just came out yesterday. So I will do that probably at the end of the day, because I have too many meetings and it is going to disrupt my day if I do it any other way. Okay, so that's a little bit about updates and why they're important and how we apply them. But it's case by case situation. If you don't understand in your environment how updates are being applied, let us know and we can answer those questions.

Chad:

Yeah. There's a lot of confusion because there's updates to the operating system, there's updates to your browser, for example. And then even within the browser, there are plugins and extensions that a lot of us install to add functionality to the browsers. And it's really, really important to keep all of that stuff up to date. It's easy to fall way back in terms of applying those updates. And for example, the browser plugins and extensions, that's a great conversation because it ties into the Silver Sparrow one. And as far as we can speculate, most of the people who were infected with Silver Sparrow, we don't have proof of this. This is just speculation again, was through installing some web extension or plugin. And we take it for granted because there's tons of them out there and they're free and you can just go crazy installing extensions and plugins on your browser, whatever browser you use. It could be Safari, or it could be Chrome, or it could be Firefox.

Chad:

But please try to be mindful of the plugins and extensions you use. If you're not using one, uninstall it, get rid of it. If you're installing one, make sure it's by a reputable developer and that it's actively being supported because that's something that is preventable. And yeah, that's all I got to say about that.

Ben:

Yeah. Speaking of that, let's see if my screen sharing is working. And tell me, Chad. I'm going to go to Safari, preferences. Okay.

Chad:

That's pretty snappy now.

Ben:

I'm going to go to extensions. And in Safari, these are the add ins or extensions. So I have two. I have one password, which is absolutely essential. Love it.

Chad:

Mm-hmm (affirmative). That's a great one.

Ben:

And I also have Grammarly for Safari, which I think is also essential. And I love it. But I have in the past had more than this. And occasionally, I will go in, I'll test something and then maybe I forget about it.

Chad:

Right. It's easy. It's easy to do.

Ben:

Yeah. Easy to do. So go in here, see what you're running. If you're running something you don't use anymore, just get rid of it because if it turns out there's a security issue with that and you forget you're even running it, then you could be at risk. So yeah, great reminder, Chad. Thanks for that. And every browser has similar concepts. They may not look the same. They may not be called the same. But Safari, it's an extension. Okay. While I'm here in the browser, let's see. Okay, now we can see it.

Chad:

It's working now, it's real snappy now. It looks great.

Ben:

I wanted to share this. I don't remember if we talked about this in the past or not. And sorry, I my camera keeps shifting. But is Apple silicon ready? Have you heard of this website chat?

Chad:

Yeah, it's fantastic.

Ben:

Okay.

Chad:

And it's pretty up-to-date too. It's surprisingly up-to-date. So whoever's doing that.

Ben:

Yeah.

Chad:

Shout out to them.

Ben:

Yeah. Shout out to whoever built this and I should have done my research and I should know who it is, but I'm sure we can look around here and find out. But this is basically a website that tells us if the software that we're using is ready for the Apple M1 chip. Just as a reminder, we're not recommending the Apple M1 chip for most of our clients. Apple introduced the M1 chip to their entry level machines. We rarely recommended entry level machines to our business professional clients in the first...

Ben:

... recommended entry-level machines to our business professional clients in the first place. So even though the M1 chip is very enticing and we're hearing a lot of good things about it, we have to be careful because it's not always optimized for the software that we use. And I know we have a lot of clients who use Adobe software.

Chad:

We do.

Ben:

So if we go to Adobe software, we see that there is a ... So this is M1 optimized. No, no, no, no, no, no. It looks like there's a beta, another beta, and a beta. No. Okay. Lightroom, Adobe Lightroom. For some reason, that is the one app that if you live in 24/7, then you might be fine with an M1 chip. But if you run any of these other apps, although they will run, they will have to run in what is called Rosetta 2. And Rosetta 2 is basically an application that fools the software into thinking that it's still running on an Intel chip, even though it's not.

Chad:

Emulator. Yep.

Ben:

Yeah. And I see here-

Chad:

That makes it think it's still running the old one.

Ben:

I don't even know what Adobe Dimension is. I must admit, I don't know that.

Chad:

I know who we need to give a shout out to this for, [Abdulla Dhiaa 00:17:20] from Istanbul.

Ben:

Abdulla Dhiaa.

Chad:

Yeah. Well done. Thank you.

Ben:

Thank you.

Chad:

Yeah. Great work.

Ben:

And I don't know if Adobe Dimension ever ran on the Mac or why it doesn't run either, but yeah, don't go M1 if you run that application. Now the good news is if you're Office 365, if I could type, Office 365 M1 optimized. Here, let's say Microsoft might be a better term. Yeah, Microsoft.

Chad:

There you go. That's a good choice.

Ben:

Oh, but Teams, that's an app I live in a lot these days, is not yet optimized.

Chad:

That's right.

Ben:

Microsoft To Do, I've played around with that. I think it's a great app. Not yet optimized. But everything else is optimized, so that's great. So I just wanted to give you a heads up, the last thing about the M1 chip that is being talked about a lot is the built-in graphics capability, so the M1 chip. The summary is, and this is always debatable, but the summary is that if you're a graphics-intensive or graphics-heavy professional, that you rely on rendering on your screen, especially large screens, you probably want to wait for the next iteration that Apple releases of the M1 or the M1X or whatever they call it, because it's going to have more graphics power than this entry-level M1 chip, so another reason why I would tend to avoid the M1 chip, unless you live in the Microsoft world, and you don't use Teams. Who is that? Who is that anymore?

Chad:

Yeah. Right. That's something, I mean, everybody's using some persistent messaging tool, whether it's Slack or Teams or whatever. I wonder if Teams will be compatible soon.

Ben:

I think it will eventually.

Chad:

I'm surprised it's not. It will eventually for sure.

Ben:

Yeah. Okay. So we have 10 more minutes left and what I want to talk about is this webpage we have, which I remember as appletoolkit.com, but it does redirect to an Ntiva domain. And I just want to talk about the process-

Chad:

The steps.

Ben:

The steps. Yeah, this methodology that we created. And even for existing clients, for clients that have worked with us for years, I just had a conversation with a client and I said, "I want to bring you through our new methodology because even though you have a lot of things in place, we're missing a few pieces to get you where we want to be." And this is our methodology, and I want to talk briefly about the phase one. That's where we start. And I'm going to go to this Keynote presentation and just show a couple quick slides. Chad, can you see my Keynote presentation?

Chad:

Yep. It looks great.

Ben:

Okay. So the reason that we want to build this foundation and follow this methodology is because Apple has recently, and I say recently, meaning in the past year, released and promoted a solution called Zero-touch. And in the Windows world, it's most similar to Autopilot. If anyone out there is familiar with Windows Autopilot, which I believe uses Intune, Zero-touch is Apple's equivalent. And Zero-touch means that IT does not have to touch the device, does not have to touch it for deployment, and really rarely has to touch it after deployment. I mean, other than hardware issues, there's really less and less of a reason for IT teams to physically touch a computer or an iPhone or an iPad.

Chad:

They're trying to deliver the consumer experience of like getting a new computer and opening it and making that as close to that kind of purist, just got back from the App Store, or the Mac Store, or the Apple Store, the physical store, right? When you get it in the mail and you open it and it's just this really pleasurable experience.

Ben:

Right. That is the goal. And some of the benefits, not only does IT not have to take time to touch a machine that then gets shipped somewhere else, you can ship directly to your employee, but the employee gets a better experience. It's not a brand new machine that's been opened, configured, manipulated, and given to them, it truly is a brand new machine. And we all know, whether you'll admit to it or not, I think we can all agree, we like opening new things, right?

Chad:

Yeah. For sure.

Ben:

Brand new things out of the box are a little different than things that have already been opened that are given to us.

Chad:

That's true.

Ben:

So Apple really promotes that story and I can't disagree with it that your employees value that computer even more if they get to inbox it. So how do we get to Zero-touch? This is a modern deployment method. We're trying to help all of our clients get there. And we have to have three pieces in place before we can even think about Zero-touch. First is authorized purchases. You have to buy from an authorized location. If you buy directly from Apple, of course, they're authorized. If you buy from an authorized Apple reseller, I know within Inteva, we often work with B&H photo, they are authorized. I know in the Chicago area, a lot of people because they're in the suburbs and because they're huge, they buy from CDW. They are also Apple authorized.

Ben:

But you have to buy from a location that you can prove, I'm authorized as an organization to buy here, and this organization knows my organization. And that's the concept behind it and we can help you set that up. Even if you have an existing relationship, we just need to get a couple of numbers in place, an Apple customer number, which we can help you with, and then the number from the place you're purchasing, whether it's Apple or B&H or CDW. So once we know that, we put those numbers into your Apple Business Manager account. And Apple Business Manager is also a free service from Apple, that any business can apply for and obtain, and once again, we can help you get that account. Some of you may already have that account, and if you do, that's great. We just need to add those authorized purchasing numbers to the account, so you link those together, or you may already have those linked together, even better. You're well ahead of most people out there.

Ben:

Have those linked together even better, you're well ahead of most people out there who have no clue what I'm talking about until until now. Then the last piece to get to zero touch is you need a mobile device management solution that you can connect to your Apple Business Manager. Basically when you buy from an authorized purchaser, Apple knows it's your computer. So they put it into the system, which means it shows up in Apple Business Manager as your computer, and then Apple Business Manager talks to your mobile device management system, which in our situation with our clients we bring to the table. It talks to that system and says, "What do you want this computer to do?" So when that employee takes that computer out of the box and they connect it to the internet, that's what everybody does now, nobody works on a computer without the internet. But when they connect it to the internet, it checks in with the MDM, mobile device management service, and says, "What do you need me to do?"

Ben:

Based on how that's configured, it may say, "I need you to install Office 365. I need you to block the upgrade of Big Sur because we're not ready for Big Sur." Actually that's a bad example, because if you buy a computer [inaudible 00:25:22] with Big Sur, but it is possible to block Big Sur.

Ben:

So it's going to lay down your security policies, it's going to lay down your software. It's going to do all those things that IT would typically do to prep a machine before it's given to an employee. The zero touch means we don't touch it, but obviously your employee is going to touch it. Your employee is going to walk through the Apple set up configuration, and then we still recommend, and Chad, we just lost your camera by the way. Oh, you're back.

Ben:

We still recommend spending some time talking to that employee, whether it's a brand new employee, especially a brand new employee, or an existing employee who's getting a new Mac. So IT, instead of spending time doing all those things that we used to do, we've automated it. It works out of the box. Now we can spend some more valuable time talking to them, answering their questions. Maybe helping them set up two factor authentication on their new account. We can really spend some quality time with them. What's that, [crosstalk 00:26:35]?

Chad:

Less annoying things, more valuable things, maybe. [crosstalk 00:26:39] before it just seemed like a lot of jumping through a lot of hoops and things that we needed them there for, but it wasn't particularly enjoyable from their perspective. And the goal is to make the whole process a more pleasant experience, for sure.

Ben:

Yeah, exactly. I would say even those people, some people are so good at this. They'll take it out of the box. They'll do everything that needs to get done. There's really nothing for IT to do. But still having that check-in, having that introduction, asking if they have any questions, there's typically one question somebody has, and then you can have a conversation. I much prefer having those conversations as opposed to the ones where it's like, "Hey, nothing's working, and I have no idea why you just gave me a computer and it doesn't make any sense to me."

Chad:

So do they, they love that too. It's a win-win. I mean, there's some time involved, right? Depending on how much a laptop for example has to pull down to install. So sometimes there's some patience involved, but it's a completely different experience than what you might be used to.

Ben:

Yeah, for sure. And that's a good point, Chad. Apple cannot magically install something until it's unboxed and connected. So there are certain things we would not recommend you auto-install. Like the Adobe Creative Suite is a huge install. Don't try to install that out of the box. Do the basics, and then give your employee the option through we call it Mac Manage or self-service. They could then load the remaining software themselves.

Chad:

When they need to.

Ben:

Yeah. Or some of that stuff can happen. But to your point, Chad, you're going to spend time in the browser, maybe logging into your email account and setting up your two factor, and doing some of those things while in the background your desktop apps are being installed. So it's a different experience. I know some people we've talked to are little freaked out about it. Like this sounds too different. But once you get into it, it's really great.

Ben:

So that's where we want to be. We want to see all of our clients get to zero touch. The way to do that is to lay that foundation of those three pieces. So once we have those three pieces-

Chad:

[crosstalk 00:29:04].

Ben:

Yeah. Once we have those, we're set up with phase one. There's more detail to it, if you need help with it let us know. There are certain email addresses we would recommend that you set up. Some of these accounts have to have a dedicated Apple ID, Apple ID email that can only be used for your Apple Business Manager and nothing else. So those are just examples.

Chad:

That might be a whole live stream on that.

Ben:

Yeah, Apple ID is definitely a whole live stream, but we don't have time for that today.

Chad:

Not today.

Ben:

What we'll do over the next few live streams is we'll go further down this methodology. Talk about how we can enroll machines that are not brand new, not out of the box. How we can enroll machines that are already in the field. I'm just going to have to leave camera because it just keeps falling at this point. Then we're going to talk about patching and compliance. That's where we start getting [crosstalk 00:30:07]-

Chad:

Everyone's favorite.

Ben:

Yeah. Some fun stuff.

Chad:

No, it's not. It's important. It is important.

Ben:

It is important. Okay. Well, hey, we're keeping this to half hour. I went one minute over. I think that's pretty good.

Chad:

Well done!

Ben:

See you in two weeks. Thanks for joining us. I hope I didn't miss any Q and A. Have a great rest of your day. Thanks.

Chad:

Thanks for listening. Bye

About the Ntiva Apple for Business Livestream

Ntiva’s Ben Greiner and Chad Calease host the Ntiva Apple for Business livestream every other Tuesday from 12:00 to 12:30pm CT. These live events, presented by the Ntiva team of Apple experts, are sharply focused, easily digestible, and cover topics including the latest Apple/macOS/iOS technology updates, cybersecurity, data privacy, MDM and BYOD policies, and more! We take questions from the audience and share what's working—and not working—for us and others in the industry.

VIEW MORE LIVESTREAMS