Over the last decade, many businesses have made their way to Mac. This really means a lot of the same workflows that you’re using for iOS are going to translate very well to Mac. So, if you’re currently doing zero-touch deployment on your iOS devices—or your iPad and Apple TV devices—it’s easy to integrate Mac into the same process.
To do this, there are three things that every organization is going to need. First, you need Apple Business Manager—or Apple School Manager for you public sector folks. Second, you need mobile device management. Third, an understanding of how to do endpoint security on the Mac. If you have these three things already—great! You can start deploying Mac tomorrow. Or maybe you’re already doing it today.
Apple Business Manager and Apple School Manager offer Web-based portals that allow IT admins to deploy Apple devices. And once you’ve enrolled devices that you purchase directly from Apple or Connection—or even your carrier—they will appear in this portal, allowing you to assign them to your MDM solution.
So, they get automatically set up. What’s cool about this is—if you have multiple device management solutions in your environment—you can do things like assign all your iOS devices to one and all your Mac devices to another. Now, sitting underneath all this is something called the Apple Push Notification Service.
99.999% of the time that zero-touch workflow doesn’t work is because somebody on the network team is specifically blocking or interfering with an Apple service. So, one of the tools that we have to help—and you get to determine if you have full access to the Apple services that you need—is a tool called the Mac Evaluation Utility. This is freely available from Apple.
Next up is device management. And I’m guessing a lot of you are probably using a solution today. Great. If it supports iOS, there’s a good chance you’re going to be able to manage your Mac devices on it as well. Something to keep in mind is that Apple provides a framework to all developers to create these solutions. The MDM solutions may differ in interface and market focus, but they all work from that same set of APIs.
So, when you’re looking at growing your Mac program, maybe you’re using a current solution and it is not quite working the way that you need it to. Or it might be requiring additional tools to provide sort of the full service that you need for management. Make sure the tool you’re selecting is using all these APIs and we recommend you kind of look at what your requirements are for management and evaluate your selection against them—versus “does this tool manage all of my devices?” If that makes sense. But again, if you’re already managing iOS, you can probably integrate Mas as a workflow as well.
Now, the last thing that we need is this concept of the Apple endpoint security framework. Now, if you haven’t heard of this, it’s probably good because it’s really designed to be invisible. But this debuted on Mac with macOS Catalina. And what it did is it created this user space replacement for all the low-level operating system monitoring that a lot of these antivirus or security solutions needed.
That was really only achieved by operating within the kernel space. Now, this is not a lesson on how UNIX works. In advanced environments security teams want to get more insight into what’s happening with process, execution, and mounting file systems like USB drives. What this means is the sort of concept of endpoint detection and response—as well as what some people are calling “agents” now—Mac ships with a lot of these security technologies, right out of the box.
So, I bring up all these concepts because it’s worth having a discussion with your information security teams to find out what they need to protect important data and really determine which of these solutions can be handled natively on Mac—without the need for another third party. Case in point: most people don’t even realize that Mac actually ships with antivirus and antimalware software called XProtect. It’s designed to be silent and not interfere with your experience. If you don’t know it’s there, there’s a reason for that.
The Next Steps
Need help streamlining Mac deployment? Connection makes creating or upgrading an Apple ecosystem easy. We are an Apple Corporate Reseller with a partnership that goes all the way back to 1984. This means we are uniquely qualified to provide Apple solutions, product availability, and expertise that exceed your expectations. Get started today!
