Review: Mosyle's MDM is the top option for managing Apple devices

There are many mobile device management products on the market, so what makes Mosyle such a great choice? Find out why this MDM platform should be part of your organization.

Woman using a tablet

Image: iStock/nd3000

I'm just going to come out and say it: I love mobile device management (MDM)! Ask anyone who has ever been tasked with managing and maintaining hundreds or thousands of mobile endpoints, and I'm sure they'll unanimously agree with me about loving MDM for its ability to reach many devices across the globe with an internet connection.

SEE: TechRepublic Premium editorial calendar: IT policies, checklists, toolkits, and research for download  (TechRepublic Premium)

The tools, capabilities, and reporting features ultimately are what make (or break) a mobile device management platform. To me, that dertermines if the MDM is useful or not at reigning in all the devices that require administration. Whether it's installing apps, locking down settings, or performing updates to the underlying operating system in bulk, if your MDM isn't providing you feedback on which devices need what based on status or it simply lacks a fundamental component to leverage the technology to perform maintenance, it will require IT to manually perform administrative tasks.

There are many MDM vendors from which to choose. Depending on the needs of the organization, budget, and industry requirements, one may be a better fit than the next. That will vary greatly between enterprises. However, speaking from first-hand experience in the education and business sectors, I'm a big fan of Mosyle and its incredibly well thought-out and capable, cloud-based mobile device management platform. And if you're in the market for an MDM partner, the points below will illustrate some of the functions you're likely looking for that Mosyle handles with aplomb.

Zero-day support for iOS/macOS/tvOS

This is a huge and often overlooked feature that all MDMs should have, but sadly many do not. Zero-day support refers to how quickly the developer incorporates new features and frameworks (the behind-the-scenes DNA that gives MDM its superpowers) as Apple releases new versions of its operating systems across its device line.

SEE: Top 5 programming languages for mobile app developers to learn (free PDF) (TechRepublic)

When Apple releases a new OS or update, it often includes new features and the code necessary for MDM suites to interpret how to manage that feature. For example, a few iOS versions back, Apple introduced a feature that allows the Wi-Fi signal to be locked down, preventing anyone from turning it off. This is most useful in an education setting, where internet access is provided exclusively through Wi-Fi, so you want to ensure the device maintains its always-on connection.

While this is a more benign example, the purpose is to illustrate that this setting was supported by Mosyle for production use day and date with the release of the iOS update that permitted this setting to be managed. Not weeks or months later: At the same time the iOS update was made publicly available. That's something I wish more MDM companies supported, but alas Mosyle is only one of a handful that truly implement zero-day support for all of Apple's features and capabilities upon release (and actually prior to release, as Mosyle allows for beta access to test these new features and settings via opt-in).

Generate customizable reports

MDM is fun to use. After all, it's quite a rush sending out one command that can be executed on all devices managed in your organization. While I find it thrilling, I'm also of the mindset that "… power without perception is virtually useless and therefore of no true value!" according to Ryuken, a character in the anime series "Fist of the North Star."

SEE: 5 MDM solutions worth checking out (TechRepublic)

The quote means that without perception, or in this case interpreting the data presented to you, the power to execute innumerable commands against client devices is of no consequence because it isn't being focused on a particular goal. It's tantamount to wasting resources. This is where the robust reporting features come in to provide that focus by allowing the admin to drill-down into device statuses based on criteria to filter information into usable and actionable reports. They can be as broad or granular in scope as necessary and may be generated on the fly or emailed to be shared with team members.

Full support for Apple School or Business Manager

This one is another biggie for any organization that really wishes to streamline and standardize its Apple equipment onboarding and management processes. Mosyle was developed with tight integration to Apple School/Business Manager (ASM/ABM). ASM/ABM serves as a group of back-end services for education and business customers respectively that provide automated device enrollment via DEP, application licensing for App Store apps, and standalone user account management (or integration with existing systems via federation with Active Directory or Azure, for example).

SEE: Apple Silicon: Why developers don't need to worry about the transition from Intel-based Macs (TechRepublic)

ASM/ABM serves as the backbone to allow newly purchased devices to be essentially pre-staged within the MDM. It works by activating the devices with Apple upon unboxing when it detects the link to Mosyle based on the device's serial number. Apple then hands over control of the device to Mosyle when the device is enrolled in the MDM. Depending on the settings configured, enrollment can fully automate the setup process or allow admins to specify which settings to allow end users to manually configure.

When set up correctly, on-boarding new devices—or repurposing existing ones—can benefit from drastically decreased setup times and enhanced standardization based on requirements. In short, a user can go from unboxing to fully functional with all apps and settings installed automatically within minutes, depending on the number of apps being installed and internet speeds. And it's flexible enough to allow for settings to be automated without end-user input or worry that it wasn't configured to organizational policy.

Cloud storage for app deployments

We covered the management of Apple apps using ASM/ABM in the section above. But what about third-party applications that are not in the App Store? There's functionality built-in to Mosyle to allow for those to be installed as well. By default, packages will be the preferred way to get apps installed. With a generous cloud storage allotment assigned to your Mosyle account, admins can simply upload the .PKG files to the storage and create a profile that links the packages to the devices or groups they wish to install the apps to. Mosyle handles the rest.

SEE: Serverless computing: A cheat sheet (TechRepublic)

What about complex installs or those that are not in flat-package formats? Mosyle can install those, too, but it might take a little work to get them just right. The extra work speaks to the general difficulty of installing apps remotely in such a manner and having them install exactly as you intend, not of shortcomings within Mosyle's console. For DMGs or multiple apps compressed as ZIP files, simply upload those as you normally would and, instead of creating app install profiles, you will create a custom script that will be used to automate the installation from beginning to end on target devices. Once you get used to the process, it's extremely versatile. 

Lightning-fast tech support

Mosyle's tech support is exceptionally fast. There are no telephone numbers to call or phone trees to navigate. Support is baked right into the console itself. You submit your problem, attaching pictures or videos if necessary, and someone will get back to you shortly. And I do stress shortly. They have a team of support personnel, including some very knowledgeable engineers that can and will work with your team to create customized settings, walk you through configurations, and for more advanced setups, review scripts you've written to check for errors or provide scripts to accomplish any number of tasks you wish to perform. 

SEE: Samsung Galaxy Unpacked 2020: Galaxy Z Fold2, Samsung Galaxy S20, and more (free PDF) (TechRepublic)

Support is based on a ticketing system and just flows with the look and feel of the console. While I haven't felt the need to reach out to support often, the times I have, they've never let me down in either the information provided to address an issue, solutions to perform certain tasks, or in the response times.

Automating management based on criteria

One large facet of managing devices via MDM is the ability to perform management tasks based on criteria being matched, or not, to create contingency-based actions. For example, say I have 500 MacBook Air laptops I wish to upgrade to macOS Big Sur. These laptops are already deployed to users, and some of these devices were previously upgraded by members of the IT team. Big Sur is about 12GBs, so I only want to execute the installation script which will download the full installer locally on those devices that have not yet been upgraded. A dynamic group may be generated to determine the current macOS version installed on the group of devices and only populating the group with the devices having 10.15.x or less installed on them. This way, only non-upgraded devices are targeted, while the upgraded ones are not impacted.

SEE: How to find out if your city has 5G right now (TechRepublic)

This is one of those things that is both a strength and a shortcoming in Mosyle. It's a strength because it simplifies management across the board. No complaints about that. But it's a shortcoming because of how it is implemented in Mosyle versus some of the competing MDM platforms. Typically, dynamic groups like that are constantly being updated when devices check-in periodically. This is preferred so that as devices update the status, they are either added to or removed from the group, as criteria dictates.

Mosyle's implementation is largely similar, except that group membership is restricted to one type of automation that is relegated to occurring between 3 and 4 a.m. each day when the group membership is updated. If a device misses that window or is enrolled after that time frame, it must wait until the next time the update occurs the next morning or must be performed manually by IT. This creates a big lag between when devices are enrolled and when certain processes are executed automatically, which can slow down productivity and confuse stakeholders waiting on devices to become ready or thinking they already have when they haven't. 

As with anything computing-related, your experience, skill set, and organization's policies will largely dictate how tasks will get accomplished or if a solution will even work to resolve a problem. I find Mosyle to be an incredible piece of software, more than capable of managing fleets of devices into the thousands with efficiency. And its minor quirks are not deal-breakers, but rather something that could be tweaked to work a little more toward the goal of working smarter, not harder for you and your team.

Also see