igor - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Apple's updates make iOS MDM easier than ever before

It's worth taking a look at the new features Apple has included to make MDM with iOS devices easier in the coming update. Automated enrollment, DEP and embedded features all work in harmony to make admins' jobs easier.

Apple's smartphones and tablets natively offer all that is needed for seamless integration with MDM, regardless of platform, thanks to a coming system update.

When managing Apple mobile devices nowadays, the iOS MDM platform doesn't matter much. The products have shaken out and it has become clear which features are needed and which are not. The way these products communicate with the iOS device is what really matters. IOS defines which features can be managed and the MDM platform is just an interface to that. General features related to securing devices and managing software on them are supported along with the configuration of wireless networking and restrictions that can be applied to different apps used on the iOS device.

IOS has built-in restrictions, which are accessible from the General section in the Settings app. You can manage these restrictions with any MDM software or locally from the iOS device. If OS X Server is used, the Profile Manager can manage iOS devices from a Mac and provides options to enroll devices, manage configuration, monitor compliance and remotely wipe or lock managed devices. Because both come from Apple, iOS management integrates well with OS X Server and for a reasonable price. If just iOS devices have to be managed, OS X Server is much cheaper than any other MDM solution. 

Self-service and fully automated enrollment

Using the OS X Profile Manager, users can initiate an enrollment of their device in MDM by initializing the installation of a configuration profile on their personal device themselves. If users have enrolled themselves they can also opt out at any time they like.

Alternatively, for schools, hospitals and other organizations with strict management requirements, IT can automate MDM enrollment for all devices that are owned by an organization by using the Device Enrollment Program. This allows administrators to perform a remote wireless configuration of the devices.

Using the Device Enrollment Program

Apple offers the Device Enrollment Program for devices that were directly purchased from Apple to qualifying businesses, schools, colleges and universities in the United States. This program offers specific iOS MDM features that allow customers to work without any third-party products.

The Device Enrollment Program includes wireless supervision, which allows administrators to use additional restrictions, such as turning off iMessage or Game Center, and it allows administrators to use Web filtering or single-app mode to deploy a device as a kiosk, offering access to one single app only.  User account information and apps are automatically deployed by IT for devices that are managed through the Device Enrollment Program.

Embedded features

No matter which MDM platform is used, the iOS embedded MDM framework offers all of the features needed in a corporate environment. It allows support for managed accounts, which means that only corporate accounts will be added or removed on the device, and it allows for managed configuration and enrollment. Administrators can use device queries to get information about current usage of the device, networking, applications and additional security information. They can manage applications and use security commands as well, to clear a user's password or lock or wipe devices remotely.

Next Steps

Learn about eight more Apple iOS 7 features

MDM’s evolving architecture

Dig Deeper on Apple iOS in the enterprise

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.