BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Apple DEP is only available for devices that the organization purchases through Apple or authorized resellers to provide to employees. On the Apple DEP website, IT administrators can preconfigure device settings, including what applications and corporate services each device can access, and set devices to automatically enroll in the company’s mobile device management (MDM) tool of choice. That means devices enrolled in DEP do not require manual configuration, and users never have to click on MDM links to enroll the device. It prevents users from opting out of MDM or removing IT management settings from their device.
To use DEP, the company must first be enrolled in the Apple Deployment Program (ADP). Then, IT can create a DEP account at deploy.apple.com using an email address associated with the company and a nine-digit identification code. IT can then link the DEP account to Apple-approved MDM servers and create admin accounts to manage device enrollment. Each device is assigned to the server by its serial number or order number, and IT can then assign each device to a user profile. Administrators can even auto-assign all future devices to a particular MDM server.
As soon as a user powers up the device, Apple receives a notification, recognizes the DEP account and redirects the device to the appropriate MDM server. The Setup Assistant on Mac and iOS devices takes users through the activation process. BYOD programs are not compatible with Apple DEP because it can only be applied to corporate-owned devices.