It is becoming increasingly essential to manage devices in an organization from a central location instead of managing them one by one.
Device Management not only saves a massive amount of time but also ensures that there are no gaps in security. One device is set up as desired and tested, and then this setup can be replicated to all devices in that group.
Having this all in place enables zero-touch deployment. Having a management system in place means devices can be drop-shipped to an end-user. When they take it out of the box and connect it to the internet, the device will configure itself. IBM used this capability to roll out 2000 Macs a week with minimal support staff.
The steps required to set up a modern Apple Device Management system are:
- Get the organization’s DUNs number. This can be accomplished by going to the DUNS web site at https://www.dandb.com/dunsnumberlookup/.
- Register for Apple Business Manager Account at https://business.apple.com/#enrollment. This will require the previously obtained DUNS number and an organization contact that has signing authority. Make sure the email and phone number in the application are monitored. The process of getting the Apple Business Manager account can take 1 to 2 weeks for processing.
- When an Apple Business Manager account is issued, set it up. Apple will send an email with a setup link. Save this email for future reference. You can access Apple Business Manager at https://business.apple.com
- Add Apple Account Number for Device Management Settings (formerly DEP or Device Enrollment Program). This is accomplished at Settings>Device Management Settings>Customer Numbers. It is imperative to add the organization’s Apple Retail Business account number for when they buy computers at the retail store instead of online. I learned this the hard way when an organization purchased 35 Macs from their retail store, and they could not be added to Device Management (Please Apple fix this for Macs).
- Set up the Account for Apps and Books (formerly VPP or Volume Purchase Program) This allows the organization to install apps on devices without an Apple ID for each device. This is set up in Apple Business Manager at Settings>Apps and Books>My Billing Information.
- Choose an MDM (Mobile Device Management) vendor and set up an account (Filewave, JAMF, Mosyle, AirWatch, Intune, MaaS360, etc). There are many quality vendors. You can start with one and switch to another down the road without a lot of problems. Many companies use one brand of MDM for iOS devices and another for Mac devices. IBM uses JAMF for managing their Mac Devices and MaaS360 for their iOS devices. Note IBM owns MaaS360. Pricing for MDMs runs from $1.00 per device per month to $8.50 per device per month.
- Set up your MDM Account and tie it to Apple Business Manager (Apps and Books and Device Management)
- Set up PUSH Certificates. This ensure that when an update is initiated all devices install the update.
- Set up initial DEP Profile for iOS and Macs.
- Test your Enrollment Profile
- Enroll Devices
- Celebrate your success
If you have any questions about these procedures or desire help in setting up your device management, call us at 800-453-8106 and we will be happy to help.