2 Provisioning Devices
Basics
In this module learn about the methods for enrolling devices in an MDM solution, including manual, user-based, and automated methods. Over-the-air (OTA) device configuration is also covered, including configuring, setting up Wi-Fi, email, VPN, and other services. Finally, inventory and tracking is addressed, including inventory management and monitoring.
Terms to Know
You should know the following terms:
- Automated enrollment
- Inventory management
- Manual enrollment
- Monitoring
- Over-the-air configuration
- Provisioning
- User-based enrollment
- Virtual private network (VPN)
Information
Device provisioning refers to the initial setup and configuration of devices, such as smartphones, tablets, or laptops, to make them ready for use. This process typically includes tasks like installing the operating system, configuring network and security settings, setting up email accounts, and installing necessary applications or software. The goal of device provisioning is to ensure that the devices are properly prepared and optimized for their intended use.
Enrollment in Mobile Device Management (MDM)
Enrollment in Mobile Device Management (MDM) involves registering devices with an MDM solution for centralized management and control. MDM solutions provide IT administrators with a set of tools and policies to remotely manage and secure devices across an organization. By enrolling devices in an MDM system, IT technicians gain the ability to monitor and control device settings, enforce security policies, deploy software and applications, and remotely troubleshoot issues.
There are different methods of enrolling devices in an MDM solution:
- Manual enrollment requires technicians to manually configure each device individually, which can be time consuming.
- User-based enrollment allows end-users to enroll their devices themselves, following instructions you provide or through self-service portals. This method can reduce the workload for support staff but requires proper documentation and clear instructions.
- Automated enrollment streamlines the process by leveraging technologies like Apple's Device Enrollment Program (DEP) or Android's Zero-touch Enrollment, enabling devices to be automatically enrolled and configured as soon as they are powered on and connected to the network.
- Over-the-air (OTA) device configuration is another crucial aspect. It involves remotely configuring devices wirelessly, including setting up Wi-Fi, email, a VPN (virtual private network), and other essential settings. Be familiar with the steps involved in OTA device configuration if supported by your district to ensure seamless connectivity and functionality.
Inventory and Tracking
Inventory and tracking are vital for managing and monitoring devices within an MDM system. Inventory management includes maintaining accurate records of devices, tracking their locations, ownership, and software versions. Monitoring involves keeping an eye on device status, battery life, compliance with security policies, and other performance indicators.
Know, understand, and be able to follow inventory management practices adopted by your school or district and should be able to utilize monitoring tools provided by the MDM solution to efficiently track and troubleshoot device-related issues.
The role of level 1 IT technicians in device provisioning and enrollment is to support users and troubleshoot common issues. Technicians should:
- Familiarize themselves with the different enrollment methods available (e.g., for Apple, Android, or other OS) and to be able to guide users through the enrollment process;
- Learn to configure devices over-the-air (OTA) to set up Wi-Fi networks, email accounts, VPN connections, and other essential settings;
- Troubleshoot common connectivity issues, diagnose and resolve common device provisioning and enrollment issues (e.g., connectivity, authentication, network or firewall issues, or others);
- Understand the security policies and best practices of the MDM solution, such as securing devices and following password policies;
- Learn how to track and manage devices within the MDM system; and
- Develop strong communication and customer service skills to interact with users effectively, including patience, empathy, strong verbal and written skills, and others.
Additional Resources
Here are additional resources you may find useful:
- Apple Deployment Guide for Education https://support.apple.com/en-ca/guide/deployment-education/welcome/web
- Android Enterprise Enrollment Guide https://www.android.com/intl/en_ca/enterprise/enrollment/
- "What is Apple School Manager?” (Jamf) https://www.youtube.com/watch?v=AcsclgjZm8c
- “MobileIron User Enrollment and Device LIfecycle Management” (MobileIron) https://www.youtube.com/watch?v=eG4U0PnfqAk
- Android Central Forums https://forums.androidcentral.com/
Task/Self-Assessment
Complete the following task or self-assessment:
Complete one or more of the following activities:
- Familiarize yourself with the MDM system(s) used within your organization or in a simulated environment.
- Explore at least three different MDM systems and compare their features, capabilities, and user interfaces. Consider factors such as ease of use, device compatibility, enrollment methods, device configuration options, security features, and reporting capabilities.
- Create a document summarizing your findings. Include the following information for each MDM system explored:
- Overview of the MDM system, including its name, developer, and main purpose;
- Enrollment methods supported by the MDM system (e.g., manual, user-based, automated);
- Device configuration options available in the MDM system;
- Security features provided by the MDM system; and
- Reporting and monitoring capabilities of the MDM system.