With the increase in remote work and new deployment strategies, we get asked lots of questions around Apple Mobile Device Management (MDM). Here are the top questions that will hopefully help you out on your journey.
What is Mobile Device Management (MDM)?
Mobile device management (MDM) is an industry term for administrating mobile devices like smartphones, tablets computers and laptops. Further, an Apple MDM is a software solution helps companies deploy, manage, and secure their Macs and iOS devices.
What are the top Mobile Device Management (MDM) solutions?
There are hundreds of Mobile device management solutions (MDM). They aren’t all created equal. Some of the most popular solutions include:
What is Apple Business Manager?
Apple Business Manager is a simple, web-based portal for IT administrators to deploy iPhone, iPad, iPod touch, Apple TV, and Mac computers all from one place. When this portal is used with a mobile device management (MDM) solution, admins can configure device settings and buy and distribute content.
What is Automated Device Enrollment?
Automated Device Enrollment (formerly called DEP – Device Enrollment Program) allows admins to automate the enrollment process and prevent users from removing the MDM profile from the devices.
What is a Zero Touch Deployment?
A Zero Touch Deployment means admins can ship new devices directly to individual employees – no matter if they are in the office, in the field or across the world – and let them unbox it. The first time the device is turned on, it will automatically reach out to their MDM and pull down relevant configurations, settings and management. Businesses will need to leverage the Automated Device Enrollment for zero-touch deployment of new devices.
What is Apple School Manager?
Apple School Manager is a free service that lets you purchase content, configure the automatic device enrollment in a mobile device management (MDM) solution, and provision accounts for students, faculty and staff. Apple School Manager is a web application created by Apple and is free to use.
What is an Apple ID?
An Apple ID is the account an end user (personal) uses to access Apple services like iCloud, the App Store, the iTunes Store, Apple Music, eCommerce Store, and more. It includes the email address and password that used to sign in, and all the contact, payment, and security details used across Apple services.
What is a Managed Apple ID?
Unlike personal Apple IDs, Managed Apple IDs are owned and managed by a company—including password resets and role-based administration. Apple Business Manager can create and manage these accounts at scale. Managed Apple IDs do come with certain limitations.
Certain Apple services are not available to Managed Apple IDs such as:
- Apple Pay
- iCloud Keychain
- iCloud Family Sharing
- SideCar
- Find My
- iCloud Mail
- Purchasing apps, music and books.
How are Managed Apple IDs created?
They can be created using:
- Create accounts manually in Apple Business Manager
- Federated authentication with Microsoft Entra ID
- Federated authentication with Google Workspace
- Use SCIM with Microsoft Azure Active Directory (Entra ID)
What is Apple Configurator 2?
Apple Configurator 2 is a macOS tool that allows admins to enroll iOS and tvOS devices into an MDM if the devices are not eligible for Automated Device Enrollment. By enrolling with Apple Configurator 2, the devices are enrolled as supervised, giving them the same management capabilities as devices enrolled via Automated Device Enrollment.
What is Device Supervision?
Supervision is a status applied to devices enrolled via Automated Device Enrollment. Supervised devices can be managed at a more granular level, allowing admins more control of the device. Such features include iCloud Activation Bypass, Passcode Resets, and a whole lot more!
What is Volume Purchasing?
Now available within Apple Business Manager, the Volume Purchase Program (VPP) was a program that allowed organizations and companies to purchase licenses of apps (iOS and Mac apps) and content. Only using free apps? You will still need to “purchase” 100 licenses of a free app in order to deploy it.
What is Open Enrollment?
A method of enrollment that allows a user to enroll personally owned devices into an MDM. Open Enrollment is useful in situations where Automated Device Enrollment is not an option.
What is Apple Push Notification Service (APNS)?
Apple Push Notification service (APNs) is a cloud service that allows approved third-party apps installed on Apple devices to send push notifications from a remote server to users over a secure connection.
What is Single App Mode?
Single App Mode is an MDM feature that allows admins to configure a device for a specific purpose. With Single App Mode, supervised iPads or iPhones can be locked to one app to focus the device for a single need.
What is Lost Mode?
Lost Mode is a remote command that relays an iPad’s or iPhone’s last known location in an inventory record and locks the device with a custom message like Contact Details or where to return it. Requires iOS 9.3 or later.
What is Activation Lock?
Activation Lock is a feature that was introduced to iPad and iPhone as a part of iOS 7 and computers as of macOS 10.15, which protects devices by linking a user’s personal Apple ID to a device. If a device is ever wiped or restored, the user’s Apple ID and password are required to unlock the device.
What can an MDM access on a personal device?
MDM Can See:
- Device Name
- Phone Number
- Model name and number
- Capacity and space available
- iOS Software Version
- Installed Apps
MDM cannot see personal data like:
- Personal or work mail, calendars, contacts SMS or iMessages
- Safari browser history
- FaceTime or phone call logs
- Personal reminders and notes Frequency of app use
- Device location
What is Remote Unlock?
If an employee leaves without removing their Apple ID that locked the device, an MDM can provide a code to unlock the device, which allows the organization to reconfigure and reuse the device.
Case Study: Managing iPads at Actua
Actua is a national charity that aims to prepare today’s youth with foundational skills in science, technology, engineering and math (STEM). They needed a way to manage 100s of iPads from their office in Ottawa. After consideration, Jamf Pro, an Apple Device Management system was determined to be the best solution for their organization. We helped them deploy it and provide ongoing services. Click here to read more.
Talk to us today about which Mobile Device Management solution is right for your small business.