Apple Mobile Device Management Made Easy With Jamf Now

Mobile Device Management (MDM) software secures, manages and supports mobile devices deployed across a business or enterprise. MDM enables over-the-air distribution of apps, data and configuration settings across bothmacOS and iOS devices.

Apple Mobile Device Management Made Easy With Jamf Now

The objective of MDM is to optimise the functionality and security of a device while minimising cost and downtime. The advantages of MDM are:

  • Streamlines deployment of devices through a centralised location
  • Painlessly configure email and Wi-Fi security settings
  • Manage users’ devices remotely; lock and/or wipe lost or stolen devices
  • Enable employees to bring their own devices (BYOD) to remain productive
  • Manage and maintain device inventory centrally

In this tutorial I’ll show you how to set up and manage multiple Apple devices, in businesses, with Jamf Now.

Mobile Device Management Simplified

Apple device management can be time-consuming work for people not versed with technology, especially if IT is not their main job.

Jamf Now, formerly Bushel, is a simple, intuitive way for non-technical people to manage Apple devices. It is a cloud-based MDM solution for deploying multiple Apple devices in any workplace.

Device management throughJamf Nowis fast, accessible, and affordable which is ideal for small businesses that may not have an IT department and large organisations that do.

To successfully deploy devices, you’ll need

  1. A company email address for creating a Jamf Now account
  2. This same email address for creating an APNS, orApple Push Notification Service,certificate
  3. Separate Apple ID for enrolment in Volume Purchase Program (VPP) and Device Enrolment Program (DEP).

Setting Up Jamf Now

It’s really straightforward:

  1. Go toJamf Nowwebsite to create a free account
  2. Check your inbox for and activation email, click on the link in the email and clickLet’s Goto begin the setup procedure

For Jamf Now to work, you have to link yourJamf Now account with your Apple account to manage the devices.

Apple Mobile Device Management Made Easy With Jamf Now

Download theCertificate Signing Request.plistfile and clickGo to Step 2

Apple Mobile Device Management Made Easy With Jamf Now

Click on theGo to the Apple Push Certification Portallink and login with the company Apple ID.

Note: The certificate you create does not renew automatically. You should manually renew it every year using the same Apple ID.

Apple Mobile Device Management Made Easy With Jamf Now

Click on the blueCreate a Certificatebutton and accept the Apple Terms and Conditions.

Apple Mobile Device Management Made Easy With Jamf Now

Click onBrowseand upload theCertificate Signing Request.plistfile downloaded earlier.

Apple Mobile Device Management Made Easy With Jamf Now

You’ll now see the confirmation page. Click the blueDownloadbutton to download the certificate from Apple.

Log out from the Apple Certification Portal and go back to the Jamf Now setup page.

Apple Mobile Device Management Made Easy With Jamf Now

In the last step, click on theUpload the Push Certificateand upload the Apple certificate file. The certificate file is generally named asMDM_JAMF Software, LLC_Certificate.pem

Apple Mobile Device Management Made Easy With Jamf Now

Once you upload the file clickStart Using Jamf Now. You have to do this setup only once. Next time when you login, you’ll see the Jamf Now dashboard.

Enrol in Apple Deployment Programs

Apple Deployment Programs is a suite of programs that help you do the following:

Volume Purchase Program(VPP) lets you purchase apps, books and other content in bulk and distribute them to your organisation’s devices. This requires mobile devices using iOS 9 or later and macOS 10.11 or later on the desktop.

It also works for users without an Apple ID. An Apple ID is necessary for deploying apps to devices running iOS 8 or macOS 10.10.

Device Enrolment Program(DEP) allows you to automatically enrol organisation-owned devices in MDM without having to physically touch or prepare the devices before distributing them to users. When the user turns on the device, they complete a few basic settings and connect the device to a network.

The device contacts the MDM server—and based on the DEP configuration—it enrols and receives assigned settings, apps and content. The devices enrolled must meet the basic criteria as stated in thisApple support document.

Sign up for the Apple Deployment Program and fulfil all therequirementsnecessary for enrolment.

Apple Mobile Device Management Made Easy With Jamf Now

Once enrolled, authenticate Jamf Now as the default MDM solution for managing deployment throughDevice Enrollment ProgramandVolume Purchase Program.

Apple Mobile Device Management Made Easy With Jamf Now

Setting Up the Blueprint

Blueprints in Jamf Now lets you easily customise and deploy apps and settings for groups of devices, all through the web-based portal.

TheJamf Now account starts with adefaultBlueprint.

Each Blueprint represents a different device configuration. Those configurations are—Security Settings, Email Configuration Settings, Wi-Fi Security Settings, Restrictions, Single App Modeand Wallpaper.

Login to the Jamf Now Dashboard and clickBlueprintsfrom the sidebar.

UnderMy Blueprintsyou’ll see thedefaultBlueprint. Click thedefaultBlueprint to configure different device configuration settings.

Apple Mobile Device Management Made Easy With Jamf Now

Security Settings

Jamf Now gives you the ability to set specific settings for device passcodes.

Go to theSecuritytab underMy Blueprintand click the check box to the right of theRequire Passcode. Click the check box for each setting and clickSync.

Passcode policy settings are assigned to all the devices without doing any manual work. Some of the passcode policies available include:

  • Require complex passcode with the support of alphanumeric characters and symbol
  • Minimum Passcode Length
  • Maximum Passcode Age
  • Maximum Failed Attempts
  • Auto-lock on iOS, and more

Apple Mobile Device Management Made Easy With Jamf Now

Email Server Settings

Jamf Now lets you set email server settings.

Go to theEmailtab underMy Blueprintand choose the type of email account:

  • Gmail
  • Yahoo
  • Exchange
  • IMAP/POP

After selecting the mail option, click on the greenSave Email Settingsbutton.

Jamf Nowassigns this email account information to all the devices, the user just has to enter their password. Note: If you’re using Gmail, then you have to enableAccess for less secure appsin the Gmail settings.

Apple Mobile Device Management Made Easy With Jamf Now

Wi-Fi Security Settings

Jamf Now allows you to deploy settings for Wi-Fi networks to all the enrolled users.

Jamf Now supports WEP, WPA, and WPA2 (recommended). Go to theWi-Fitab underMy Blueprintand clickAdd a Wi-Fi Network.

Enter theName, choose WPA2 from theSecuritydropdown list, enter thePasswordand clickSave Changes. The network now shows up in the Wi-Fi Networks list. The user only has to choose that network; no need to type-in a password.

Apple Mobile Device Management Made Easy With Jamf Now

Restrictions

Jamf Now supports a number of restrictions for iOS devices that helps you keep your organisation’s data secure and keep users productive.

Some restrictions require supervision. It’s a mode that allows Jamf Now to provide a higher level of device management capabilities over the air.

When you supervise an iOS device, you can applyadditional restrictions withJamf Now.

Go to theRestrictionstab underMy Blueprintand you’ll see a sub-sectionSupervised Devices Only. Check the box you want to apply and clickSave Restrictions. Jamf Now lets you configureRestrictionsover the air and in bulk.

Apple Mobile Device Management Made Easy With Jamf Now

To setup supervision you have to enrol in Apple DEP. To learn more about supervision, visit thisApple support document.

Jamf Now features that require supervision are:

  • Wallpaper—You can set a custom wallpaper of your organisation
  • iOS Restriction—for instance you can disable AirDrop, Apple Store, iTunes Store, Camera, iMessage, ability to take screenshots and more
  • Lost Mode—Disable and locate a lost iOS device
  • Activation Lock Bypass

Manage Device Inventory

Jamf Now is a cloud-based solution. You can access the product from anywhere and whenever you need to manage any of the devices.

Click theDevicestab from the sidebar and it shows you in-depth inventory information about each enrolled device.

Apple Mobile Device Management Made Easy With Jamf Now

Search, sort, list and filter devices from the top of the screen. View all the Apple devices in a single place and export the data (in .CSV format) for auditing purpose.

Click the device and in theSummarytab for comprehensive details, including:

  • Serial numbers
  • Device assignment
  • Settings configuration
  • Installed apps
  • Device model
  • Date added
  • Supervision status
  • Activation status
  • Blueprint Applied
  • Asset Tag, and
  • Single App Mode

Apple Mobile Device Management Made Easy With Jamf Now

Pricing

Jamf Now is free for the first three devices and then $2.00 per month, per additional device thereafter. There are no contracts or commitments so you cancel at any time. It really is a flexible pricing model that ensures the best value for your business.

Conclusion

In business and educational institutions, IT responsibilities are split between employees to save money. If there’s a large number of devices, managing them is not a trivial task. Jamf Now saves time and money.

It is a cloud-based solution so you can manage the device inventory even from home. Jamf Now web-based dashboard does a good job to simplify complex tasks such as assigning email accounts, setting up secured Wi-Fi, rolling out apps, locking and even wiping data remotely.

In summary, Jamf Now is an easy, intuitive MDM solution for managing Apple devices. Visit their website for more information on services they offer, training, webinars, documentation, and more.