About Apple Business Manager

Before Apple Business Manager, there was Volume Purchase Program (VPP) and Device Enrollment Program (DEP). The two programs were rolled into ABM and ASM (Apple School Manager) a few years ago. The sole purpose of these programs is to provide IT with tools that automate the most important functions for managing Apple devices. 

Once ABM is setup, you will only really use it for Managed AppleID account creation, if you want users to have those vs personal AppleIDs, for assigning Apple Devices your MDM, and to purchase Apps in bulk.

I’m guessing but I’d think the sole purpose was to provide an API level connection to Apple for your device management and identity management tools you wanted to use.

Managed Apple ID’s

Managed Apple IDs through Apple Business Manager allow you to deploy a self-service app onto BYOD devices, which is growing in popularity.  The biggest reason why you may want to create Managed AppleIDs is so employees can’t/don’t create personal consumer AppleIDs using their work email.

Rogues Devices & Data

An organization management team without the use of ABM should be asking who owns the Apple IDs? And who owns the data stored in those Apple IDs?

If you have work data in an Apple ID that your employee owns, you may have trouble. What if you need to retain, audit or destroy the data? What if the employee loses the password?

Zero Touch

Once you are buying from vendors that are setup in your ABM account, you simply order from the vendors directly.  The device information is available in ABM and your MDM when they produce an invoice and ship the product.  There’s nothing for you to do if you have device information automatically assigning in ABM to your MDM. 

Note: Make sure you have a good working enrollment profile for devices to get from your MDM.   When the device arrives to the user and is powered on for the first time, as it activates, the device receives the startup instructions from your enrollment profile in your MDM. This is the idea around zero touch.

Zero Touch with JumpCloud MDM

To experience zero touch, you will make sure that you are newly activating devices that are already in your ABM account and is already assigned to your MDM server. Your MDM server will have your enrollment profile and if setup correctly, will give you pretty close to zero touch. You will have to still do some little things like connect to Wi-Fi and choose the language of the device on the device.

Mobile Device Management (MDM) – Apple Business Essentials

Apple Business Manager is not an MDM.  However, you can use Apple Business Essentials which adds a web-based MDM to the offering. ABM/ASM (Apple School Manager) is where you can create Managed AppleIDs that are owned by the company, vs. the personal AppleIDs that are not. ABM/ASM allows you to buy apps in bulk, that can be deployed and revoked to Apple devices with a Managed AppleID using most MDMs.

Image source: https://blog.cortado.com/managing-devices-with-apple-business-manager/

Apple Business Manager Summary

The sole purpose of these programs is to provide IT with tools that automate the most important functions for managing Apple devices. We will discuss more nuts and bolts as we post more content related to the subject.

Updated: For IT Support on Apple Business Manager, click here to read the article.

Leave A Comment