Whether you have ten devices or ten thousand, it’s easier than ever to manage iPhone, iPad, Mac and Apple TV. With Apple Business Manager, devices can be distributed directly to employees and used right out of the box, leaving manual configuration behind forever.
Get started in one central place.
Introducing Apple Business Manager, a new place for IT teams to automate device deployment, purchase and distribute content, and manage roles in their organization. Working seamlessly with your mobile device management (MDM) solution, Apple Business Manager makes it easy to enroll devices, deploy content, and delegate administrative privileges.
Enroll devices so that they can be setup automatically with MDM.
Purchase apps in bulk and manage licenses for users.
Delegate admin privileges and manage content across locations.
Now available in more places.
Apple Business Manager is now available in 65 countries or regions, with support for device enrollment, volume purchasing, and role administration. With multinational support for apps, licenses purchased through Apple Business Manager can be assigned to users or devices in any country where the app is available.
Manage with ease.
All Apple devices have a built-in, secure management framework that enables IT to manage and configure settings and enable certain security features remotely over the air. IT can easily create profiles to setup everything users need to be secure and productive. Manage with a light touch without having to lock down features or disable functionality.
One simple framework.
With the secure management framework in iOS, macOS, and tvOS, IT can configure and update settings, deploy applications, monitor compliance, query devices, and remotely wipe or lock devices. The framework supports corporate‑owned devices as well as personally‑owned devices.
Configure and control.
MDM supports configuration for apps, accounts, and data on each device. This includes integrated features such as password and policy enforcement. Controls remain transparent to employees while ensuring their personal info stays personal. And IT maintains necessary oversight without disrupting the productivity that employees need to succeed.
Wide range of solutions.
Whether your business is better suited for a cloud‑based environment or an on‑premise server, MDM solutions are available from a wide range of vendors with a variety of features and pricing, giving you flexibility in how you incorporate Apple devices into your organization. Each solution utilizes the Apple management framework in iOS, tvOS, and macOS to manage features and settings for each platform.
Managed software updates.
With the latest version of iOS 11 and macOS High Sierra, IT can delay users’ over‑the‑air device updates. This gives time and flexibility to complete a thorough certification. Once IT has certified a version of each release, they can choose which version users should download and install. Then IT can directly push the update to all employees to ensure they get the latest security features.
Deploy without lifting a finger.
With device enrollment through Apple Business Manager, a corporate-owned iPhone, iPad, Mac, and Apple TV can be provisioned into your organization’s MDM solution automatically during setup—right out of the box. There’s no need to manually configure devices in a central location and your organization benefits from a higher level of control and security for employees.
Configure account settings, apps, and access to corporate services over‑the‑air with automated MDM enrollment. There’s no need for staging services, and no need for IT to physically access each device to complete setup. Users are guided through the activation process with the built-in Setup Assistant. And IT can even streamline the setup process by skipping certain steps like Apple ID, passcode, and terms of service screens.
Higher level of control.
Through device enrollment, businesses are able to supervise corporate-owned iOS and tvOS devices over-the-air. Using supervision allows greater device management, enabling additional restrictions like disabling iMessage and controlling secure networking features like a global proxy. And now with the latest version of iOS and macOS, IT can manage software updates. On macOS, device enrollment enables you to more easily manage certain security settings like Kernel Extension Loading.
Available wherever you buy.
New and existing device purchases can be enrolled into Apple Business Manager whether purchased directly from Apple or through participating Apple Authorized Resellers. Setting the default MDM server by device type makes it even easier to automate assignments for iPad, iPhone and Mac. And with iOS 11 and tvOS 11, any iPad, iPhone or Apple TV can be brought into Apple Business Manager manually with Apple Configurator 2.
Content distribution made incredibly simple.
Apple Business Manager makes it simple to find, buy and distribute content in volume to meet your every business need. You can even purchase custom apps built specifically for your business by third-party developers. And when apps are distributed through MDM, there’s no need to use redemption codes or Apple IDs to get content onto each device.
Apps and books in bulk.
With Apple Business Manager, buying apps in volume for both macOS and iOS has never been easier. When app licenses are no longer needed, they can be reassigned to another device or employee. You can also purchase custom apps built specifically for your business by third‑party developers. And by purchasing Volume Credit, you can use purchase orders to buy content through your reseller.
Apps purchased through Apple Business Manager can be distributed easily through MDM to users or devices in any country that the apps are available in. Apple Business Manager now allows you to migrate your Volume Purchase Program accounts into one centralized view, making it easier to transfer licenses between locations within your organization.
Keep work data safe. And personal data private.
Once devices are setup, IT can manage and protect corporate data thanks to built-in security features and additional controls available through MDM. Common frameworks and settings across apps enable configuration and on going management of settings.
Separate, seamless, and secure.
MDM solutions allow management at a granular level without the need for containers, keeping corporate data from accidentally leaking out. With Managed Open In, IT can set restrictions to keep attachments or documents from being opened in unmanaged destinations, and vice versa. IT also has tools that allow corporate apps to be managed so that apps can be removed from a device without erasing personal data, or initiate a complete remote wipe or lock if necessary. And on macOS, built-in security features let IT encrypt data, protect devices from malware, and enforce security settings without the need for third-party tools.
Apps you can trust.
Thanks to a common framework and controlled ecosystem, apps on Apple platforms are secure by design. Our developer programs verify the identity of every developer and apps are verified by the system before they launch. Features like signing, app extensions, entitlements and sandboxing provide even greater levels of security. Data can be protected in transit through technologies like Per‑App VPN.
Configure every app.
iOS provides a native ability to configure settings and manage polices within applications. With Managed App Configuration, employees can use apps right away while IT is assured that data within those apps is handled properly.
On macOS, MDM solutions are used to push down preferences and scripts, which lets you configure settings in applications and keep non-App Store apps and other software up to date.
Personal information is always private. As it should be.
Apple believes privacy is a fundamental human right, so every Apple product is designed to use on-device processing wherever possible, limit the collection and use of data, provide transparency and control over your information, and build on a strong foundation of security.
When creating device management tools, employee privacy is considered at every stage of development. Privacy is as important at work as it is at home, even when team members use their personal devices for work. The MDM protocol allows IT to interact with an Apple device, but only a limited amount of information and settings are exposed. The same features that keep data secure in corporate-managed apps also protect a user’s personal content from entering the corporate data stream.
- MDM can access
- Device name
- Phone number
- Serial number
- Model name and number
- Capacity and space available
- iOS version number
- List of installed apps
- MDM is restricted from accessing
- Personal or work mail, calendars, contacts
- SMS or iMessages
- Safari browser history
- FaceTime or phone call logs
- Personal reminders and notes
- Frequency of app use
- Device location
Resources for IT.
Learn the basics of device deployment, security, and Apple services. Or browse deep technical references on iOS, macOS, and MDM.