Orb Data

Orb Data's Blog Site

How do I deploy thousands of iOS devices quickly and securely?

Recently IBM and Apple have announced a number of strategic partnerships, however one of these that has slipped under the radar that we have found very interesting is the integration between IBM’s MobileFirst Protect (formerly MaaS360 by Fiberlink) and Apple’s Device Enrollment Program (DEP).

What happens when you get a new iOS device?

When receiving a nice new shiny Apple product, it’s a nice feeling when you get your hands on the box.



Then once you take the device out of the box that feelgood factor continues. Apple have managed to turn purchasing one of their many devices into a consumer delight.



You are now ready to finally switch it on and configure it.

However, once you have opened the cellophane, taken the device out the box and switched it on there are a series of things you need to do. Including (1) Choose a language (2) Choose a country (3) Choose a Wi-Fi network (4) Enter password for Wi-Fi (5) Enable/Disable Location Services, (6) Setup iPhone as new, restore from iTunes or restore from iCloud, (7) Sign in with Apple ID or Create a New Apple ID, (8) Terms and Conditions, (9) Set Passcode, (10) Confirm Passcode (11) Use Siri, (12) Welcome to iPhone.

Finally we are started and ready to go.

Except we still need to configure our email, secure our device, set up some things we need to use on our devices like VPN or wi-fi and finally get a some apps we need to make the device productive.

iOS5iOS6 iOS7 iOS8




Also, when using a device management product such as IBM MobileFirst Protect, that enrolment process needs to be factored in also, from both the administrator and the end user perspective. iOS9 Therefore that whole process can take up a significant amount of time per employee just to get the device useable and to a corporate standard. But what happens if you are in receipt of hundreds or thousands of iOS devices for your employees? How do you configure, secure and deploy them efficiently with the minimum of effort? You can multiply what you just done for one device, by potentially thousands. Performing all these steps manually will introduce user error through manual input, cost time and money and ultimately give you unhappy employees. Not to mention disgruntled administration and IT staff.


Efficient, Streamlined iOS Deployment

Using the Apple Deployment Program alongside IBM Mobile First Protect to streamline device enrollment can really enable organisations to deploy efficiently, deploy securely and deploy with a lightweight touch to configure iOS devices OTA while at the same time realising huge cost savings. We have been able to assist customers with these technologies across health, finance and administration sectors, giving them immediate cost savings. One of our customers said “The ability to hand a healthcare professional an expensive state of the art device, where they have to simply unwrap, switch on and logon using existing credentials really makes it a simple and cost effective task for us to adopt” We will now discuss the steps to enable any organisation to realise the simpicity and effectiveness of using Apple’s DEP program alongside IBM MobileFirst Protect. 

Enabling IBM MobileFirst Protect and Apple’s DEP

#1 Enroll your organisation in DEP using the Apple DEP Portal

To enrol in the Apple Device Enrolment Program (DEP), you can get information on Apple’s DEP Home Page and also read Apple’s DEP Guide. DEP enablement typically takes up to 5 days, and here is my step by step guide to enrollment.

iOS11 iOS12

iOS13 iOS14 iOS15

 Enabling Apple DEP in IBM MobileFirst Protect

 Configure DEP Options in IBM MobileFirst Protect




Configure IBM MobileFirst Protect in DEP





Update the Token in the IBM MobileFirst Protect Portal


iOS22 iOS23

Setting all this will result in a view similar to the following showing all the Apple devices with Serial Number, Status, Token Name and Assigned Profile alongside a description of the device and model.


The Result

When you have enabled DEP support within IBM MobileFirst Protect, all your DEP enabled devices will be capable of being configured as a new device from being wrapped in cellophane to being fully operational within minutes. This includes

IBM MobileFirst Protect will then

The employee will then have a fully enabled and secured corporate iOS device they can then use straight from the box with minimal effort. The other great thing about DEP enabled devices is that if they are ever stolen, lost or wiped the next time they are switched on and connected to the internet they will be automatically reconfigured as before, which renders the devices useless to anyone outside your organisation.

Here is a short video about Apples Device enrollment program and IBM MobileFirst Protect.


IBM have established IBM MobileFirst for iOS which encompasses a suite of solutions built for transformation that are aiming to solve issues such as security, cloud, integration, and app management and support. IBM MobileFirst for iOS is an end-to-end set of offerings designed to address industry challenges on an individual level.

IBM acquired Fiberlink Communications and IBM MobileFirst Protect is a rebranding of the MaaS360 product.

, , , , , , , ,

Comments are currently closed.