First in education, and now in business, organizations are seeing the need to manage Apple IDs for everything from iPhones to iPads to Apple notebooks and desktops. Plus, there are Apple applications such as Keynote to consider, along with Apple services, such as iCloud.
If you need to understand Managed Apple IDs for business, read on. Here are the top best practices you should be following.
Best Practice #1: Manage Apple IDs through Apple Business Manager
Apple has two kinds of IDs: personal and business (or consumer and corporate).
As a consumer, you have an Apple ID that you need to log in to the App Store to download apps for your Mac, iPhone, and iPad.
Every app you download as a consumer is tied permanently to your Apple ID – to the point where, if you install an app with one Apple ID and then you change to a different one, you can have serious problems (especially with paid apps).
If you ever need to update software that was installed with a different Apple ID, the Apple device won’t let you: You cannot install that update unless you provide the password for the originating Apple ID. Or you delete the app and install the app again using your new Apple ID.
This also happens with businesses that pass Apple devices (such as Macs) between employees. Multiple apps on these devices can be attached to multiple employee consumer Apple IDs, creating plenty of headaches when it comes to purchasing and patching apps.
As a business, it’s best to manage Apple IDs through Apple Business Manager. Using Apple Business Manager gives you the additional benefit of Zero-Touch deployment.
Once Apple knows you as an organization, and when you purchase through Apple or an authorized reseller, they know your devices. You can then leverage this established trust to purchase, install and update applications to your devices regardless of Apple ID. Instead of software being tied to an Apple ID, as it is for consumers, it's tied to the device (through the device serial number).
Managed Apple IDs are unique to your company and separate from the personal Apple IDs your employees create for themselves. Unlike with personal Apple IDs, IT administrators manage the apps and services that are accessed.
By managing your Apple IDs through Apple Business Manager, you don't run into as many problems or hiccups when you're working with apps that were installed many employees ago. Apple Business Manager removes the need for a personal Apple ID.
The Takeaway: Stop using personal Apple IDs. Use Managed Apple IDs through Apple Business Manager, and take advantage of the zero-touch workflow.
Best Practice #2: Use Managed Apple IDs for Business & Box for Collaboration
Team members these days do a lot of their collaborating online rather than shoulder to shoulder. And many collaborate using the Apple iWork productivity suite: Pages, Numbers and Keynote.
There are only two platforms that support iWork collaboration: iCloud, and Box.
Your employees are likely already collaborating through iCloud — and probably using personal Apple IDs that they control. If your staff have Managed Apple IDs, then your organization has greater control over securing your business and client documents stored in iCloud.
However, storage is currently limited to only 5 GB, with no option to upgrade. Plus, sharing iCloud files with those outside of your team can be a challenge. Apple is showing signs of making iCloud drive business-friendly, but iCloud is really a personal storage solution.
Apple has worked extensively with Box, the cloud storage and collaboration platform, to integrate cloud-based collaboration into the Apple ecosystem.
One of the big differences between iCloud and Box is that Managed Apple IDs for Business have a 5 GB storage limit, while Box does not limit storage. Plus, Box is a very robust business solution.
The Takeaway: If you want to boost collaboration across your teams using Apple iWork apps, use Managed Apple IDs. And for more business features, greater security, and additional storage, use Box.com.
Best Practice #3: Build Trust Between Apple and Microsoft with Federation
The third and final best practice for managing your data and controlling your Managed Apple IDs for business is through federation.
Federated authentication is the process of using an account’s user name and password from one directory system allowing the same user name and password to be used in other systems.
Where your Managed Apple IDs are concerned, you should use federation to establish trust between Apple Business Manager and Microsoft 365 (formerly Microsoft Office 365). As a result, your users can leverage their Microsoft user names (email) and passwords as Managed Apple IDs.
They can then use their Microsoft credentials to sign in to their assigned iPad or Mac and even to iCloud on the web. Users can also use it to sign in on a Shared iPad.
Once you are federated, you have proven to both Apple and Microsoft that you own your domain and that only you can create Apple IDs on your domain.
With federated authentication, you connect Apple Business Manager to Microsoft Azure Active Directory, which then enables your staff to use their existing Microsoft usernames and passwords as Managed Apple IDs.
Apple and Microsoft make federation easy, but you must federate with a well-though-out migration path.
The Takeaway: If your organization uses a mix of Apple and Microsoft office productivity apps and services, use federation to build trust and simplify authentication and authorization across the two platforms.
Managed Apple IDs for Business – and for Simplicity
Managed Apple IDs offer your organization several advantages, chief among them single sign-on, simplified device management, and greater security along with simple and efficient user enrollment for BYOD devices.
If you need help putting these best practices to work, we can help. Check out Apple Services, Security and Support from Ntiva.