Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.
Migrating between Device Management Services (DMS) usually involved full device wipes, custom scripts, and hoping everything re-enrolled properly. Some vendors leaned into that pain. They’d offer bargain pricing in year one, then quietly ratchet it up over time. Because what were IT teams going to do? Switching DMS (previously MDM) vendors meant hours of manual work or rebuilding devices from scratch, and employees really wouldn’t see much difference.
About Apple @ Work: Bradley Chambers managed an enterprise IT network from 2009 to 2021. Through his experience deploying and managing firewalls, switches, a mobile device management system, enterprise grade Wi-Fi, 1000s of Macs, and 1000s of iPads, Bradley will highlight ways in which Apple IT managers deploy Apple devices, build networks to support them, train users, stories from the trenches of IT management, and ways Apple could improve its products for IT departments.
Apple is changing that with a new feature for the fall software updates inside Apple Business Manager and Apple School Manager built for device management migration. It solves a real problem that many IT teams have struggled with for years. More importantly, it puts pressure on vendors to keep delivering value at fair prices. When migration is easier, IT teams have more power to move to the best solution for their needs. That’s a win for the customers and vendors who aim to deliver value and not lock-in.
How device management migration works
Inside Apple Business Manager or Apple School Manager, IT admins can now reassign iPhone, iPad, and Mac devices to a new device management service. There’s even an option to set a migration deadline. Once a deadline is set, users will get a notification letting them know that they need to migrate. If they don’t take action, the migration kicks off automatically.
During the migration process, the device removes the old configurations and installs the new ones. Using the bootstrap token, the new service can take over things like Activation Lock and FileVault key escrow. It’s a fairly clean handoff and makes switching to a new platform less of a hassle. It follows a trend in the enterprise I’ve seen Apple do over the last decade: take things that require a lot of hacks/workarounds and make them turn-key.
App preservation is a big deal
One of the most important parts of this new process is app preservation. Without it, every device would feel like a wipe and rebuild for managed apps. With app preservation, the device keeps managed apps installed through the transition. That includes both apps and their data, which makes the migration feel seamless to end users. Apple recommends using the await device configured step to ensure everything reinstalls properly before the user exits enrollment. This is especially critical for iPhone and iPad, where all of the apps are likely going to be managed.
Things to keep in mind
This isn’t a magic switch. There are still some gotchas to be aware of. One issue folks have seen in testing is when a Wi-Fi configuration profile is removed before the new one is applied. In that case, the device can get disconnected from the network during the transition. If it happens at the office, IT Teams will need to spin up an open network to allow folks to connect to finish the process. If they’re at home or somewhere with saved networks, it usually resolves itself.
Apple also mentioned that there’s ongoing work around FileVault and Activation Lock during migration. The new service can rotate the FileVault key using the bootstrap token, but how that behaves in edge cases is still something to watch as the rollout continues.
Wrap up
This new feature from Apple solves a real problem for enterprises that use Apple at work. It helps customers avoid vendor lock-in, helps vendors compete on product quality instead of contracts and switching costs, and makes managing Apple devices a little less annoying for IT teams. There are still things to watch, like how FileVault keys behave or how Wi-Fi reconnects during the changeover, but overall, this is a big win for the entire industry.
Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.
FTC: We use income earning auto affiliate links. More.
