CDW Blog

Endpoint Management and CYOD: It Doesn’t Have to Be Hard

25 February, 2019 / by Jess Poulter

Businessman holding digital icons, Cloud computing conceptThe weight of an organisation’s productivity rests on IT's shoulders. Not only is IT tasked with keeping the data center running, but when it comes to personal technology choices, IT also must help keep employees productive. That means avoiding a surge in help desk requests, downtime, security risks, and many other issues.

Today, however, employees have a greater choice in what technology they want to use than ever before. This has resulted in a growing number of Apple devices in historically PC-centric enterprise environments. And, it's no secret that the majority of today's workforce prefers Apple devices compared to the PC and Android devices IT professionals typically prefer. In fact, 75% of enterprise employees prefer iOS over Android, while 72% choose Mac over PC, according to recent research.1

With a choose your own device (CYOD) strategy, employees can select from a list of corporate-approved Apple or PC devices pre-configured with application and security controls by IT. When it comes to keeping your technology-enabled workforce productive, however, IT must have the right tools in place to manage and control the endpoint devices that connect to the corporate network—without creating headaches.

This is where mobile device management (MDM) can help. The right MDM tool enables IT administrators to configure device settings, create accounts, and purchase and distribute applications and books—remotely and securely.

Here are four ways the right MDM tool can simplify endpoint management and ensure your CYOD programme succeeds:

1. Manage Software Partner IDs

If you're running Apple devices in your enterprise environment—in addition to the user ID and password required to access corporate accounts (wikis, webpages, sales portals, VPNs, human resources portals, and more)—your users will also need an Apple ID. The same holds true for Windows users. This ID allows users to access software tools, admin functions on their devices and laptops, cloud storage providers (iCloud, for example), and other services. Your MDM tool should enable IT to have oversight and control over managing user IDs, as well as what users can do on their machines. Managers can use MDM to manage accounts, assign roles, or reset passwords. Meanwhile, users can receive specific permissions for what they can do with their Apple ID, for example, on an enterprise device. In essence, this capability can help keep personal and work data separate.

2. Delegate Location-Based Admin Roles

Being able to assign the proper permissions is critical to keeping an enterprise network secure and free from data breaches. By enabling IT or other admins to assign and edit role permissions, you can ensure that only the right people can access the relevant data. By allowing admins to have control over certain locations—such as your headquarters or regional subsidiaries—you can keep each location more secure, while also centralising the admin’s ability to control only the part of the network where they have jurisdiction.

3. Deploy and Manage Applications

No matter your industry, you likely have a number of business-applications that help keep your daily operations running. And if you're running a CYOD programme, the number of application licenses has likely grown. For IT to effectively manage and keep all application licenses current, MDM can make it easy for local admins to manage licenses, purchase new applications when necessary, and distribute them to local users. If you're running a large business with multiple locations, your MDM tool should also allow you to transfer licenses between locations.

4. Purchase Applications at Volume

Many software and hardware providers offer volume-purchasing programmes where organisations can register to purchase applications in bulk. After making the purchase, redemption codes are created for each app that can be coded to specific users, who can then download and install programs on their machines themselves. Because an Apple ID, for example, can be used for a user's personal account and data, if they download a corporate-approved app through the Apple App Store for their enterprise machine, when they leave the company—the application can go with them. But, with a volume-purchasing programme tied to your MDM software, admins can ensure that these apps stay with the organisation after an employee leaves. That means the license for a particular application can be reclaimed, redistributed, and reused.

For IT teams ready to simplify endpoint management, Apple Business Manager (ABM) can help. Built on existing MDM frameworks, ABM is an Apple-hosted, cloud-based portal that empowers organisations to manage the Apple Volume Purchase Program (VPP) and Device Enrollment Program (DEP), as well as Apple IDs and content—all via one easy-to-use and intuitive portal.

IT managers and admins can use ABM to manage access controls, admin rights, and more—all while end users experience a consumer-grade experience in an enterprise setting.

For more information on how CDW can help your organisation purchase, provision, deploy and support Apple products and realise the multiple benefits of using Apple products in their corporate environment, contact 020 7791 6000 or email



Topics: Digital Workspace, Apple