Hit the Ground Running: How to Enroll and Deploy a New Device Using an MDM

Kyle Bareis
May 27, 2020

There’s nothing quite like turning on a new Mac computer for the first time. But after you hear the sound of the operating system booting up and see the iconic logo, you must go through a brief set-up process before you get to work.

For new Mac computer users in a business or education setting, this set-up phase is especially important. A well-provisioned device should be fully equipped and secure before anyone starts using it.

Luckily, mobile device management (MDM) solutions are built to help your IT team set devices up for success right out of the gate. Here’s how to enroll and deploy a new device using an MDM solution.

Step One: Integrate Your MDM Solution with Automatic Enrollment Programs

Apple device management programs are designed to help with new device enrollment. Apple Business Manager and Apple School Manager are two great examples.

Many enterprise or education administrators don’t know these programs exist, but they’re free to sign up for and can fully integrate with an MDM solution. The set-up process is as intuitive and easy to follow as any other in the Apple universe, and in the long run, these programs will save you time and effort each time you enroll a new device.

For IT teams, one of the biggest advantages of a program like Apple Business Manager is that it enables your team to work proactively: newly purchased devices can be flagged to show up in your inventory even before they go online.

You can then program a device to automatically connect and enroll itself with your Addigy environment once the device is opened. This saves time for IT teams and end users when a new Mac computer boots up for the first time.

Step Two: Customize Your Enrollment Process

The key question you should ask when onboarding a new device is, “What do I want my user experience to be, both during set-up and once they start working?”

Once you’ve answered this question, you can fully customize the enrollment process to reflect the needs of the end user who will be using the device.

For instance, an MDM solution lets you modify the Mac set-up assistant to choose what screens end users see when they first log on. You can also deploy applications, security, and malware protection with different settings for specific groups.

If a device enters through your BYOD program or if it was purchased without being flagged under an Apple Device Management program, Addigy’s MDM solution offers self-service options where you can:

  1. Give users a specific profile to download that comes with all the apps and settings they need to do their jobs.
  2. Offer the newest “User Enrollment” option (released with iOS 13 / macOS Catalina) so users can connect their devices to Addigy while maintaining some independence.

It should be noted that Apple device onboarding is different from PC onboarding. While you may have the same desired outcome for all your devices, having a one-size-fits-all enrollment process won’t work for both types of operating systems, so it’s important to plan accordingly.

No matter how large your organization gets, an MDM solution can help you enroll all of your devices exactly the way you want through custom enrollment processes.

Step Three: Use MDM to Organize Accounts on New Devices

As you add new devices, you’ll likely need to manage additional user accounts. Often, a local account created on a new device is different from the existing work account in an IdP directory.

A tool like Addigy Identity makes it possible to manage these accounts. Once a user logs into a new device with their Okta or Azure credentials, Addigy Identity syncs this info to be the same for the local account.

Once local and IdP accounts are synced, users can login to apps on their devices using the same set of credentials thanks to just-in-time functionality. This means end users experience less account fatigue since they don’t have to juggle so many different usernames and passwords.

Addigy Identity helps IT teams organize user accounts, and makes it easier for end users to manage their credentials.

Mobile Device Management Supports a Seamless Device Enrollment Experience

From experience, we know how much Apple users love their devices. Opening a MacBook for the first time represents the start of something new. By following these best practices for device enrollment, your end users will get new devices sooner and fully equipped with everything they need to get to work.

A mobile device management solution that supports customized workflows for new device enrollment can help your IT team work proactively while mitigating risks. This is key to helping your team hit the ground running with everything they need in hand.

 

Support Mac and Windows
Like many IT admins, you may have gotten your start in a Windows environment. Maybe you’ve spent some time on Apple […]
The COVID-19 pandemic has rocked the American economy, and it seems unlikely that we’ve seen the end of rapid shifts in […]
We all know that malware is on the rise and that it’s worse for Mac users than ever before. But do you know how you can leverage your mobile device management (MDM) tools to meet the security objectives these state regulators have laid out? Let’s dig into their high-level recommendations and how you can improve your Apple device security while at a time when much of your company is still working remotely.