When you combine Mobile Device Management (MDM) with JumpCloud identity management, user credentials are tied to work devices, letting you easily manage company-owned and personal devices, users, and permissions.
JumpCloud supports several types of MDM enrollment for these device types:
macOS devices:
- Apple’s Automated Device Enrollment (company-owned)
- Device Enrollment (company-owned)
iOS and iPadOS devices:
- Apple’s Automated Device Enrollment (company-owned)
- Device Enrollment (company-owned)
- User Enrollment (personal iOS and iPadOS devices only)
For more information on all MDM enrollment types, see Choose an MDM Enrollment Method.
After you enroll an Apple device in MDM, you’ll use the same JumpCloud Admin Portal that you use to manage Windows and Linux devices and user access to applications, networks, and servers.
Remote onboarding with JumpCloud is fast and secure. JumpCloud’s Zero-Touch Onboarding lets you customize the screens your users see and then automatically assign the user to a company-owned device. The device can be shipped directly to the employee, who turns it on, authenticates with JumpCloud credentials, and is immediately up and running. If you can’t use Apple’s Automated Device Enrollment, there are other ways to enroll devices in MDM.
You can also create customized policies to automate device enrollment, manage local firewall settings, disable guest accounts, manage App Store access, and address other security considerations. You can apply these configurations to one device or user, or to groups of devices or users.
Follow these three steps to set up MDM for your organization, enroll your devices, and use other features (like policies) to remotely manage the devices.
- Set up MDM for your organization
  Upload an Apple push certificate to JumpCloud to establish a secure connection between Apple and JumpCloud so that you can use JumpCloud as an MDM server. When you use JumpCloud as your MDM server, the MDM protocol lets you secure, manage, and configure Apple devices. See Set Up Apple MDM.
- Enroll your devices in MDM
  If your company-owned Apple devices have been added to Apple Business Manager (ABM) or Apple School Manager (ASM), you can use Automated Device Enrollment to enroll those devices. If the device was not added to ABM or ASM or it is a personal device, there are other MDM enrollment methods you can use. See Choose an MDM Enrollment Method.
- Use other MDM features
  MDM commands and customized policies let you securely maintain your devices. You can use these features after you set up MDM.