Manually deploying thousands of Apple smartphones, tablets and laptops is tedious, and any veteran IT administrator worth his or her salt doesn’t do it that way. However, this is how most companies get started managing Apple devices.

In recent years, Apple has streamlined the deployment process by introducing its Device Enrollment Program (DEP), which is specifically designed to work directly through a unified endpoint management (UEM) solution. The combination of the DEP and UEM has enabled Apple to carve out a larger presence in the enterprise while making its devices easier to manage.

An Introduction to Apple’s Device Enrollment Program

Apple’s DEP is a unique program that gives IT virtually unlimited management capabilities over iOS devices. There are certain criteria that IT has to meet and follow to enroll, including linking DEP to a UEM solution. Here are some basic steps to help you get started with your DEP integration:

  • Configure DEP options in the UEM solution.
  • Enroll the organization using the Apple DEP portal.
  • Download the token from the DEP and upload it to the UEM solution.
  • Customize device enrollment settings.

In most cases, admins simply leverage the DEP to make user enrollment easier. In other scenarios, admins use a feature called Supervised Mode to add more structure to their environment.

View the Infographic: Low-Touch, No-Touch Deployments for PC and Mac

Leveraging the Security Options of DEP Controls

Supervised Mode is baked into the iOS device policy of the UEM solution. This enables the admin to customize the setup, appearance and overall functionality of enrolled devices. The admin gains the ability to better control the device in specific scenarios. For example, an iPad sitting in a retail store can be locked down to show only one approved application and block users from accessing other apps and device functionality. Unlike unsupervised devices, Apple has given admins the ability to push and install operating system (OS) updates, which keeps devices current and reduces OS version fragmentation.

Some other valuable DEP features include:

  • Kiosk mode — Shows only one app or a custom home screen;
  • Restricting iMessage — Turns off and hides iMessage from the user;
  • Disabling activation lock — The device can be wiped remotely without an Apple ID;
  • Notification control — Customizes the amount and type of notifications a device receives;
  • Blacklisting websites — Restricts specific websites or adult content; and
  • Automatic app updates — Updates apps without user intervention.

In the same portal as the DEP, there is also an option to participate in Apple’s Volume Purchase Program (VPP). As part of this, admins can purchase apps in bulk and silently install them over the air to enrolled devices via the UEM solution.

Watch the Video: IBM MaaS360 with Watson — Apple Device Enrollment Program (DEP) Support

Managing Apple Devices Has Never Been Easier

A major benefit of the DEP is the preconfigured, out-of-the-box experience. When a user powers on a new Apple device, he or she simply completes the customized setup and enters the appropriate corporate credentials. The device is now enrolled and reporting to the UEM solution, and apps are automatically downloaded without the user having to enter an Apple ID. This saves time and money for the organization because everything the user needs is automatically handed down, which also makes users more productive.

The DEP provides no-touch, drop-ship delivery for Apple devices, which minimizes the need to assemble custom images or physically handle hardware for updates.

IBM MaaS360 with Watson offers Apple device management and full integration with the DEP. Streamlined enrollment for iOS and macOS devices has never been easier with a solution that is simple, fast and effective.

More from Endpoint

Deploying Security Automation to Your Endpoints

Globally, data is growing at an exponential rate. Due to factors like information explosion and the rising interconnectivity of endpoints, data growth will only become a more pressing issue. This enormous influx of data will invariably affect security teams. Faced with an enormous amount of data to sift through, analysts are feeling the crunch. Subsequently, alert fatigue is already a problem for analysts overwhelmed with security tasks. With the continued shortage of qualified staff, organizations are looking for automation to…

Threat Management and Unified Endpoint Management

The worst of the pandemic may be behind us, but we continue to be impacted by it. School-aged kids are trying to catch up academically and socially after two years of disruption. Air travel is a mess. And all businesses have seen a spike in cyberattacks. Cyber threats increased by 81% while COVID-19 was at its peak, with 79% of all organizations experiencing a loss of business operations during that time. The risk of cyberattacks increased so much that the…

3 Ways EDR Can Stop Ransomware Attacks

Ransomware attacks are on the rise. While these activities are low-risk and high-reward for criminal groups, their consequences can devastate their target organizations. According to the 2022 Cost of a Data Breach report, the average cost of a ransomware attack is $4.54 million, without including the cost of the ransom itself. Ransomware breaches also took 49 days longer than the data breach average to identify and contain. Worse, criminals will often target the victim again, even after the ransom is…

How EDR Security Supports Defenders in a Data Breach

The cost of a data breach has reached an all-time high. It averaged $4.35 million in 2022, according to the newly published IBM Cost of a Data Breach Report. What’s more, 83% of organizations have faced more than one data breach, with just 17% saying this was their first data breach. What can organizations do about this? One solution is endpoint detection and response (EDR) software. Take a look at how an effective EDR solution can help your security teams. …