What to do and what to avoid when undertaking Apple device deployments | #macos | #macsecurity

GUEST OPINION: Within many organisations, there can often be sizeable fleets of Apple computing devices. Office staff may use Apple MacBooks and iPhones while iPads could be a default option in factories or warehouses.

Apple fleets are also a common sight in many schools. There they are used by both teachers and students to access learning materials and complete assignments and projects.

When it comes to deploying and managing Apple fleets, there are some key things that should be done and others that should be avoided. The top five ‘dos’ are:

Enrol in Apple School or Apple Business Manager

These are web-based portals that streamline the deployment and management of large fleets of Apple devices.

The portal comprises two primary functions. The first, automated device enrolment, allows newly purchased devices to be quickly and easily enrolled into Jamf. The second, volume purchasing, streamlines the way apps are purchased for use on those devices.

Create a comprehensive software list

It is important for an IT team to be aware of all the software end users will require to get their jobs done. This list should include everything from apps to kernel and system extensions.

Permissions should also be put in place that allow system extensions to run automatically without requiring the permission of the user. This will ensure software is always available when required.

Consider the hardware that’s in place

For years, Apple devices have relied on processor chips from Intel and software was optimised to run in that environment. Now, with the launch of Apple’s M1 processor, there are likely to be two platforms in use within your organisation.

Take time to assess how many of each type of device is being used and determine what this means for the versions of software being made available. Also consider deploying the Rosetta tool on M1 devices so that they will be able to run software written for Intel chips.

Develop a deployment strategy

When rolling out a new fleet of Apple devices, IT teams can choose either a ‘hands-on’ or ‘hands-off’ approach.

A hands-on approach involves the team configuring each device and installing software before they are distributed to end users. Taking a hands-off approach means users receive their devices unopened.

If choosing the latter, ensure there is a workflow in place that automates the activation and configuration process. This will allow users to get up and running as quickly as possible.

Remember the security requirements

It’s important that devices are fully secured from the moment they are put into the hands of end users. Security measures that should be considered include FileVault encryption, requirements for passcodes, and screen saver settings.


At the same time, there are five key things to avoid when it comes to Apple device deployment and management.

Have a plan for VPP token storage

Sometimes it might become necessary to shift from one mobile device management (MDM) platform to another, but this can cause problems if a single VPP token then becomes available across multiple platforms. To avoid this happening, always ensure each VPP token is only stored in a single MDM.

Take your time

IT teams can often feel that there is not enough time to get everything done, but this should not become a reason to rush processes as that is when errors can occur. Create detailed workflows that ensure all required steps are taken as this is the best way to create a solid and secure end-user experience.

Robust security and education

While it’s important to have strong security, it’s also important not to take too much control away from end users. Only put in place measures that are required and work to educate and inform your users what is expected of them.

Don’t assume users understand technology

Users will have different levels of technical proficiency so remember to provide training on all new devices and software. Giving access to e-books and user guides is another way to encouraging ongoing learning.

Test and keep testing

In reality, there is no such thing as too much testing when it comes to confirming your Apple infrastructure is operating as it should. Test new software before they go into production and different OS versions and patches before they are deployed. This will help to reduce outages and lower user frustration levels.


By undertaking these tactical strategies, IT teams will be able to have a properly configured and secure fleet of Apple devices in place as quickly as possible. By following pre-defined workflows and making use of available tools, the benefits of Apple technology can be enjoyed without any unnecessary disruption or issues.

Original Source link

Leave a Reply

Your email address will not be published.

85 + = ninety two