Hexnode CEO sees 3 pain points Apple should fix for IT

Apple continues to grow in the enterprise, supporting this push with regular enterprise-focused enhancements for its platforms. We can see the results as Mac adoption sets new records. But the company can still do more for enterprise IT. To get a sense of some improvements it could make, I caught up with Apu Pavithran, the CEO of device management vendor Hexnode.

“Apple has already shown that it’s listening closely to IT needs, and the path ahead is promising,” he said, arguing that as more Apple devices embed themselves across the enterprise, it’s “a win for everyone: users, IT, and the company itself.”

Pavithran does have three suggestions that should help IT manage Apple’s platforms better, including granular permissions within apps, more advanced support for shared devices, and new APIs to help manage apps acquired outside of Apple’s App Store.

Granular permissions for Apple Intelligence in apps

“Take, for example, Apple intelligence,” he said. “Apple’s on-device AI and its focus on privacy is aligned with the expectations of security-conscious organizations. But as these tools make their way into enterprise and education, IT needs ways to fine-tune how and where they show up.  He argued that one improvement Apple could make would be to give IT admins the power to allocate Apple Intelligence support on a per-app basis. 

“Not all apps should have access to summarization or generative suggestions, particularly when working with sensitive or regulated data,” he said. “Adding an easier process to toggle Apple Intelligence features on a per-app basis would help organizations maintain control without compromising the user experience.”

Pavithran also looked at personalization and AI. He argued that by tying personalization and context to the authenticated user, not just the device, Apple would be able to better ensure that AI-generated insights are truly relevant. 

That’s particularly important on shared devices, as by making the connection between user and context, Apple would drastically reduce the chance AI responses might carry over between users in environments like hospitals, classrooms, or retail floors. 

Making shared devices even more secure

Apple has built a foundation to support shared devices with tools such as Shared iPad, Return to Service (RTS), and Authenticated Guest Mode, but the Hexnode CEO thinks Apple could go further. “RTS has the potential to offer more granular control over wipe behavior or session persistence,” Pavithran told me.

“Apple could take this even further by unifying shared device behavior across iOS, macOS, and visionOS. The ability to pre-stage apps and configurations based on the next user’s role, define what gets retained post-session, or automate the return-to-service flow based on schedules or events would simplify management and reduce friction.”

Better yet, of course, “for privacy-conscious deployments, session isolation and user sandboxing would round out the experience. This allows IT teams to streamline management for devices that change hands multiple times, such as in healthcare, logistics, or field operations.”

What about securing the apps?

Apple’s App Store might be under attack from regulators eager to open these platforms for all the wrong reasons, but it remains the most stable, secure, and trusted app ecosystem on any platform. That means many enterprises rely on the Apple App Store for the distribution of their employee apps.

Announced at WWDC 2025, one of the big changes coming up in the ’26 series of operating systems will be something called version-pinning for App Store apps. This is a great feature that gives IT precise control over when and how updates roll out across their managed fleets.

The problem — and this is one that will likely worsen as third-party App Stores appear — is that many enterprise apps are still not made available via Apple’s store. “These apps often power essential workflows in healthcare, logistics, field service, and finance, places where reliability and predictability aren’t optional,” Pavithran said.

The snag is that as these apps come from beyond the App Store, it means they can’t be managed by the new version-pinning feature introduced at WWDC. 

There is one way Apple might be able to enable App Pinning on non-App Store Apps, suggests Pavithran. “Apple would likely need to introduce a dedicated framework for enterprises to roll out their apps through the App Store. With the right tooling in place, Apple could give IT teams the same level of granular control for every app,” he said.

What’s interesting about these three pain points is the extent to which they represent how Apple use in the enterprise has become so commonplace that the improvements the company can make represent quite unique use cases – shared devices, proprietary app support, and so on. 

At the risk of being a bit of a broken record, if these are the problems IT now needs Apple to solve, you can read that to mean its platforms are already fit for deployment in your business.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.Hexnode CEO sees 3 pain points Apple should fix for IT – ComputerworldRead More