Use the same management framework for managing iOS devices on macOS devices by leveraging unified endpoint management (UEM) technology to provide consistent management across Apple devices.
Support corporate-owned and BYO Macs, as well as line of business kiosk or shared device use cases in a single management solution
Streamline setup with Apple Business Manager and Apple School Manager (DEP + VPP)
Leverage a Bootstrap Enrollment Process to deliver necessary tools for onboarding
Set up Macs over the air with WiFi, VPN, email, apps and more, while also configuring local and admin accounts to deliver security policies, compliance rules and restrictions
Defer or delay macOS updates when needed or force updates to comply with security requirements
Gain full visibility into your Mac deployment, including AppleCare integration
Deploy any application to a unified app catalog with single sign on (SSO) for users
Enable virtual Windows apps or apps requiring Internet Explorer to run on Mac devices
Support managed license assignments for apps purchased through the Volume Purchase Program (VPP)
Create products containing profiles, apps, files and actions that follow rules, schedules and dependencies with streamlined product provisioning
Deliver software and security updates on a defined schedule through relay servers
Define settings for FileVault to ensure devices are encrypted and Gatekeeper to protect devices from apps downloaded from unknown sources
Maintain control of the admin account on devices and utilize firmware passwords to prevent users from changing critical security settings and policies
Discourage users from sharing sensitive data by highlighting unmanaged domain email addresses and setting automated escalation policies to notify users when devices are out of compliance
Use conditional access controls so only authorized users and compliant devices have access to enterprise resources
Expose a limited set of data center resources to your apps via app- and network-level micro-segmentation and per-app VPN
Enterprise mobility management (EMM) is a device- and platform-agnostic solution that centralizes the management, configuration and security of all devices in an organization, both BYO and corporate-owned. EMM goes beyond traditional device management to include the management and configuration of enterprise apps and content.
A comprehensive EMM solution will include MDM, MAM, mobile content management (MCM), identity management for access control, and productivity apps for easy access to corporate email, calendar, contacts, content repositories and intranet sites. When done right, an EMM solution should supply both the technical capabilities to simplify management and security for IT as well as a pleasant user experience for the employee.
Unified endpoint management (UEM) enables IT to stop using separate tools to manage mobile, desktop and now Internet of Things (IoT) devices. UEM solutions provide a holistic and user-centric approach to managing all endpoints by combining traditional client management of desktop and PC systems with a modern enterprise mobility management (EMM) framework. A comprehensive UEM solution will enable IT to manage users and deliver a consistent experience across all endpoints, secure and manage the full device lifecycle, and do it all in a single, comprehensive platform.
Mobile device management (MDM) is a device lifecycle management technology that enables IT to deploy, configure, manage, support and secure mobile devices through MDM profiles installed on the devices. MDM software provides asset inventory, over-the- air configuration of email, apps and Wi-Fi, remote troubleshooting, and remote lock and wipe capabilities to secure the device and the enterprise data on it. MDM is the foundation of a comprehensive enterprise mobility management (EMM) solution.
Bring your own device (BYOD) is an IT policy that allows employees to use their personal devices for work purposes. EMM platforms enable organizations to implement a BYOD strategy without sacrificing security or employee privacy by providing separation of work and personal data on the device. This separation allows IT to manage and secure only the work data on an employee-owned device. If a device is ever compromised or when an employee leaves the company, IT is able to remove only the work-related data, leaving the personal items on the device intact.