Jamf and more: Apple MDM tools for smaller businesses

Jamf is the most well-known Apple MDM vendor, but small to midsize organizations have plenty of other options for managing Apple devices.

Apple’s recently announced Business Essentials service is a powerful entry point into the world of Apple device and user management. But there’s a point at which small and midsize organizations (to say nothing about large enterprises) will outgrow the service. At — or ideally before — that point, it will be time to research what other Apple device management solutions are on the market.

In this story I’ll look at companies that support Apple’s MDM (mobile device management) platform and that specialize in Apple device and user management.

What exactly is MDM, and is it the only way to manage Apple products?

Let’s start with a brief recap of what Apple MDM is and how it operates. MDM is an open platform that Apple launched in 2010 to make management and security provisioning of its mobile devices simple for enterprise environments. Apple’s MDM launch coincided with the introduction of the iPad and the iPhone 4 at a time when business users had already begun to use their personal devices for work purposes — with or without IT’s involvement (the latter a phenomenon that came to be dubbed shadow IT). MDM offered a way to integrate those devices (and any company-purchased Apple devices including iPhones, iPads, Macs, and Apple TVs) in a secure manner.

Somewhat counter to its usual way of working, Apple itself did not build its own MDM software, preferring to leave that to third-party companies that had an enterprise focus and user base. Many of those companies merged or were acquired, and most began to focus beyond just Apple devices as Samsung launched its own security and management product called KNOX and as management capabilities in Android came online. Over time, those vendors’ MDM products added even more capabilities, expanding to become enterprise mobility management (EMM) suites and eventually unified endpoint management (UEM) platforms that cover a wide range of devices and OSes.

Apple’s MDM framework has gone through quite a bit of development in the past 11-plus years. But at its heart, it uses XML data to define management characteristics, provision devices with security credentials and apps, block access to certain features, and set certain requirements like passcode use. It also enables zero-touch deployment where a user can receive a device still in packaging that will automatically configure itself once the user provides their login credentials.

With iOS 15, Apple is moving to a model it calls declarative management that puts more of the policy enforcement on the device rather than requiring the MDM service to poll devices. The basic concept of MDM, however, is the same. (For more details, see my take on declarative management, “How Apple is changing MDM in iOS 15,” and check out the related session videos from Apple’s developer conference.)

MDM isn’t the only way to manage Apple devices. Placing an agent on a device, particularly a Mac, can allow more granular reporting and management. It can also perform greater configuration and integration with various enterprise platforms like SAP, IBM, Slack, and so on. Device agents can also be used to deliver a custom curated app store for licensed or internal enterprise apps.

The major Apple device management vendors

With that background, let’s start looking at the companies that specialize in Apple MDM.

Jamf: The most established vendor focusing on Apple management in the enterprise, Jamf was making Mac management solutions well before the iPhone was introduced. Its lead in Apple device management, particularly beyond MDM, is due to its experience and the integrations it has made with other enterprise technology vendors such as SAP. (See “How Jamf fits into the enterprise device management landscape” for more details.)

While Jamf offers excellent services, they are mostly aimed at large enterprises that need Apple product management and enablement. The company’s numerous offerings are likely to overwhelm small businesses, with more features (and a higher price tag) than many SMB organizations need and can afford.

Kandji: Kandji is a somewhat new player in the Apple MDM space. The company’s big value-add is automation. There are very often a number of steps and tasks to building out an Apple MDM environment. With hundreds of automations, Kandji is an excellent option for many SMB organizations.

SimpleMDM: The name says it all. SimpleMDM is focused on making Apple MDM decisions and deployments as simple as possible. For overwhelmed SMB IT teams, SimpleMDM is almost a panacea. Even its licensing is simple — simpler than that of almost any vendor I’ve seen.

Addigy: Addigy seems like David in the land of the Goliath. The company acknowledges that it’s a small team. This could be a detriment, but the vendor seems very well suited for SMBs, particularly small teams experiencing significant growth. They seem to offer a very personal or “white glove” experience for companies that are usually too small to make it to white glove status. The downside is that the company and the platform are still maturing.

Device management beyond Apple products

The companies highlighted above are those that focus exclusively on Apple, and, Jamf aside, on small and midsize businesses. They are experts in working with this market because they specialize in serving it.

But if your company’s needs go beyond managing Apple devices, there are several additional vendors that offer multiple-platform options. Some are independent best-of-breed standalone products, and others are well-established enterprise vendors — Microsoft, Citrix, and VMware, for example — that build a company's IT stack and throw in device management at a low cost because of the large licensing that an organization has with them. Both approaches have their advantages and disadvantages, and you may want to combine approaches, as explored in my recent story “With EMM, should you go full stack or best of breed?

The most important thing for the SMB market to know is that there are several excellent options for supporting and managing Apple products in business and education, and that one solution doesn’t fit all. That’s okay, because there are choices out there for wherever you, your team, and your organization are.

Copyright © 2022 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon