November 20, 2023

Jonas Černauskis: How to Manage Corporate and Personal Data on Apple Devices?

The ease of configuring Apple devices and employee habits encourages businesses to rethink their IT infrastructure. People are more efficient with equipment they are familiar with. So, if an employee uses an iPhone for personal needs and an iPad or MacBook for leisure or daily tasks — they’ll work more efficiently using Apple devices in the workplace as well.

Of course, it’s not just the motivation of employees working with familiar software that benefits companies choosing Apple — a centralized workplace device management system and guaranteed data security will save numerous costs in the future.

A Clear Divide Between Personal and Business Data

There has been a myth in business that an employee’s existing Apple ID account is an additional time expense for the company’s IT department, as current members of the Apple ecosystem do not want to reconfigure their devices. Employees work using their personal accounts, leaving no opportunity for the organization to manage and protect business data.

This is addressed by the Managed Apple ID (MAID) functionality, which offers employees separate work profiles, ensuring a separation of personal and professional data. While the line between company and personal data becomes clear, usage habits can remain the same, so these changes do not inconvenience the employee.

With the release of new versions of Apple’s operating systems this fall, the business-implemented and managed Managed Apple ID supports even more features that employees are accustomed to using with their personal Apple IDs. For example, copying data between devices, answering calls through their MacBook, and storing or synchronizing passwords across devices using iCloud Keychain.

Convenient Configuration and Harmony with Other Devices

A prime example of Managed Apple ID usage is the global aviation maintenance company Magnetic MRO, which has supplemented its workplaces with Apple devices.

Magnetic MRO, due to specific requirements for this sector, provides employees with Apple devices intended only for specific functions. For these reasons, their chosen solution is to streamline company device management using Apple Business Manager (ABM), which, with the help of Managed Apple ID, allows the employee to use only the work profile. All these Apple software functionalities for business are visible on the Microsoft Intune platform, which the company uses to manage its entire IT estate.

For Magnetic MRO, it’s also important that when purchasing equipment from an official Apple representative, the initial configuration for new users through the Device Enrollment Program (DEP) occurs without IT department intervention. Mikk Roosimagi, a business and IT solutions analyst at Magnetic MRO recommends this process to everyone:

“It is really easy, we basically have nothing to do over there as all the profiles are set up. The user must be in the correct group and when ordering the device we must inform the supplier to register the device in ABM.”

With the help of Apple Business Manager and Microsoft Intune software, Magnetic MRO’s IT department precisely knows which devices are for work and which are personal. All equipment intended for work is visible in a fully centralized network, and in case company-managed devices are lost, they can be remotely locked or have their data deleted.

Meanwhile, for employees who are allowed to use the equipment for personal purposes, it is possible to configure two separate environments. One becomes a company-controlled environment (where critical business-managed data and applications are stored), and the other one becomes the employee’s personal environment, where private information is stored and company data is not accessible. The device remains a singular entity, but it can perform two drastically different functions — utilizing an array of different permissions and safeguards.

It’s important to understand that by offering employees Apple-enabled workplaces, a company’s IT infrastructure can remain diverse. These Managed Apple ID configurations are possible with companies’ existing Microsoft Entra ID and Google Workspace solutions. They allow automatic assignment of a work Apple ID to company employees’ accounts.

Proposal for Businesses Looking to Upgrade

Your company’s IT department aren’t the only ones who can configure these solutions — external partners can provide these services as well. For example, Apple workplace management services are provided by Skaylink. They can make sure new devices are integrated into the company’s infrastructure, including software installation, management, and elimination of various operational disruptions.

So, if you want to update your IT infrastructure with devices that truly motivate employees, authorized Apple business seller Skaylink offers equipment under better conditions, can extend the warranty period of the equipment up to 36 months, and consults on all aspects of a smooth business transition to Apple.

Jonas Černauskis, email: jonas.cernauskis@skaylink.lt, tel. +37068707245