News Summary

• During this process, the connecting device is asked to connect to any existing MDM servers, which then triggers Apple's Device Attestation Servers to verify the device using the device's Secure Enclave.
• During device trust evaluation, each server considers a device's and user's security Posture, or details, which can include: Device attestation uses significant resources on the device, including power.
• If a malicious device tries to lie about the Apple properties of a device in order to try to impersonate a device, Apple's attestation servers will reject it - and the device validation fails.
• Apple calls this device info the Trust Foundation, which may include: MDM servers can issue a DeviceInformation command to an Apple device requesting the device info.
• Apple Device Attestation.Managed Device Attestation enables enterprises to verify Apple devices for security, protecting the corporate network.
• When the Secure Enclave verifies the device, Apple's attestation servers send a response to the MDM or organization's resource server to signify the device is valid.