The process for deploying devices in an organisation depends primarily on whether that organisation or the user owns the devices and on how the devices are enrolled in a mobile device management (MDM) solution.
In the organisation-owned model, devices are purchased by the organisation from Apple or a participating Apple Authorised Reseller or network provider. A device is provided to each user, referred to as a one-to-one or personally enabled deployment, or devices can be rotated between users, which is referred to as shared or non-personalised deployment. A combination of these deployment models can also be used. When using the organisation-owned model, the following deployment processes can be used:
Automated Device Enrolment: Automated Device Enrolment is designed for devices owned by the organisation, and lets organisations configure and manage devices from the moment they are removed from the box. These devices are known as supervised, and the MDM profile can’t be removed by the user.
Device Enrolment: Device Enrolment allows organisations to enrol devices that may not be supervised and manage many different aspects of device use, including the ability to erase the device. If a user removes the MDM profile, all settings and apps that are being managed by the MDM solution are removed.
In the user-owned model, devices are purchased, set up and configured by the user. These types of deployments are commonly referred to as BYOD, or bring your own device deployments. To use organisational services (such as Wi-Fi, mail and calendars) or to configure the device for specific education or business requirements, users typically enrol their devices in an organisation’s MDM solution. When using the user-owned model, the following deployment process can be used:
User Enrolment: User Enrolment is integrated with Managed Apple ID to establish a user identity on the device. A Managed Apple ID is part of the User Enrolment profile, and the user must successfully authenticate for enrolment to be completed. The Managed Apple ID can be used alongside the personal Apple ID that the user has already signed in with, and the two don’t interact with each other.
After understanding the basic steps for a device deployment, an organisation’s IT team can explore Apple’s deployment and management capabilities in detail. This reference covers these tools and web-based portals extensively; the key stakeholders in the organisation should review this document carefully.