1. I/O DAC for Linux Devices

We’ve now extended I/O Device Access Control (DAC) to Linux devices with support for managing USB peripherals.

With this enhancement, you can:

• Control access to keyboards, mice, webcams, USB headphones, printers, and Wi-Fi adapters

• View connected USB devices in Device Details (based on last sync – every 15 minutes)
  

2. Updates to Windows device management:

a) Password-Protected Uninstall for Windows Agents

Password protection now applies to all Scalefusion Windows agents: ProSurf, FileDock, and Remote Support.

How it works:

• Enabling the setting in the Utilities section blocks users from uninstalling agents without a password.

• You can retrieve uninstall passwords from Device Details.

b) Windows OS Update Rollback 

To resolve post-update issues like app failures or performance drops, you can now roll back or uninstall OS updates/patches on Windows devices. You can check and identify eligible updates with the rollback icon in the available update list or device view.

c) Block Manual & Auto Updates

You can now also disable automatic updates and user-initiated updates from Settings for better compliance. This can be configured in the Update Settings. 

d) Support for OTP-based login for Scalefusion Windows Deployer 

Scalefusion Deployer now supports OTP-based login for all account types, including Google Workspace & Office 365 users. 

3. New report for macOS: 

Power state reports are now supported for macOS, enabling better visibility into device usage patterns.

4. New enhancements to access management with OneIdP

a) O365 Access Control on iOS (BYO & CO)

We've enhanced the Scalefusion MDM Agent and OneIdP SSO integration to provide more secure access to Microsoft 365 (O365) apps on both BYO and corporate-owned iOS devices.

With this update, only managed apps, specifically those deployed via the Scalefusion dashboard, can be used to log in to O365. Personal apps or browsers, such as Safari, will no longer be permitted for O365 access.

Note: To enforce this secure flow, you need to configure the settings in the Azure AD / Entra portal. 

b) Signed-In User Email Visibility

You can now view the signed-in user's email address associated with a device. This email is identified based on the user who logs into the device, either via Keycard or local login, as long as there's a corresponding user entry in the User Enrollment section.

This data is available in:

• Device Inventory (DI) reports

• Developer APIs

5. Unified App Config for enterprise apps

App Configuration for enterprise apps for Android is now release-agnostic.

What this means: 

• One config works across all app versions. Create only one app configuration and use it for all the releases.

• To accommodate changes in keys across releases, each key is now displayed with a version label. You can identify which versions of the same Enterprise Store (ES) app the key belongs to, making it easier to manage and compare keys across versions.