Over the next several weeks we’ll be taking an in-depth look at Profile Manager, the Mobile Device Management (MDM) service built in to Apple’s Server app.
Profile Manager is a tool you can use to take control of all the Mac OS, iOS, and Apple TV devices you own or are responsible for. It can also help you provide your employees access to company resources, such as VPNs, file servers, and email, using their own devices while still requiring those employees to secure their devices in ways that comply with your company security policies.
Why use a MDM service?
Whether you’re a small business owner with just a few users and devices to manage or an IT manager with hundreds, you’re faced with similar challenges: How do you provide users with a unified experience and make sure devices and data are secure, while still handling everything else needed to get my job done.
Depending on the size of your business, how you answer this question can waver between blissful ignorance and total control.
For the small business the answer may be, “I don’t manage devices. I give my users a computer, let them set up their own accounts, download the applications they need to perform their jobs, and hope for the best”.
For larger businesses and educational institutions the answer may be, “I set the computers up, make sure users have access to the resources they need, then lock everything down as tight as I can to keep users from making changes”.
In the end, neither solution is very effective. For the small business owner the devices aren’t really under control and for the large business they’re under so much control that even small change may require every device to be touched by someone with administrative capabilities.
MDM gives you the ability to manage and configure devices, manage user’s access to business resources, including apps purchased from the App Store, and lock or wipe devices, instantaneously and remotely without ever having to touch them.
OS X Server’s Profile Manager
Why Apple’s Profile Manager for MDM
There are many MDM products on the market, all of which offer excellent options for managing devices: JAMF Software’s Casper Suite, Cisco’s Meraki Systems Manager, and Mobile Iron’s Enterprise Mobility Management, to name a few. So, why use Apple’s Profile Manager? For one, it’s built into Apple’s $20 Server app, so you get far more than just MDM when you use Server. It’s the least expensive MDM product on the market. Additionally, as is often the case with Apple’s Server app, it’s powerful but very easy to use. While you do have to have a basic understanding of how security and device management work, you don’t need to be an IT genius to make Profile Manager an effective solution.
What to expect
Over the next several weeks, at a minimum, we’ll perform the following tasks to get you started using Profile Manager:
- Install and setup Server on OS X
- Learn about Server’s key features and how to manage your Server
- Set up, configure, and begin using Server’s Open Directory service for managing user accounts
- Set up device management and Apple’s Push Notification Services
- Learn how to add device placeholders
- Import devices into Profile Manager
- Create MDM payloads
- Understand, create, and deploy configuration profiles
- Manage devices remotely
- Discover the Volume Purchase Program and manage the remote distribution of apps and books
- Allow users to enroll their own devices
- Use the Device Enrollment Portal so users can enroll their own devices
At a minimum there will be ten sections to this primer, but as we begin to discover the features and capabilities of Profile Manger you may have questions that lead to more sections. In other words, the world is the limit, so leave comments or send me questions on Twitter ( @reyespoint) and we’ll make this as interactive and personal as possible.
So, sit back, get set, and let’s start managing devices with Profile Manager.
(Coming next: The Setup )