There were 3 streams at the event and, although I really wanted to buck the stereotype and get more involved in the content creation stream, I really had to go to the infrastructure stream as there are so many questions and queries about Mobile Device Management (MDM) that needed looking into.
I blog fairly extensively about the last Leadership Summit here and here so I already had a good idea what we were in store for, and I have also done a fair bit of investigations already. The introduction of Lion Server changed a number of things, and newer tools which have been added on since are also changing ideas about how to plan and manage devices.
I’ve got to say a big thanks to Ned and the rest of the Apple team in the workshop. We all know that companies will toe a certain party line, and these folk are no different, but the allowances for healthy interjection from delegates, questions ranging from the slightly enquiring to the in-depth technical and still managing to keep the workshop pretty much on track meant that they had to field some difficult questions and gave some pretty good answers, and tried not to disappoint when they could offer no more than some basic “sorry, but there is no VPP yet” responses.
I’ve also got to say that there are some legal and regional things about MDM which were covered. The Apple folk did remind us that *we* have to make sure that *we* are happy that *we* are following the T&Cs, laws of the land, etc. The session was a technical one, not a legal and contracts one. There are differences about how we might opt to manage things in UK compared to US because of a number of facts, but the main one is that the Volume Purchase Program (VPP) does not operate in the UK so solutions which talk about bulk purchase and pushing out apps are technically possible in the UK, but not following the rules at this time! We did look at options about how to ensure you are fully licenced and that is another key fact to remember.
So, caveats done and we can continue.
The session started with each delegate introducing themselves and explaining what they were looking for from the session. It was good to see a range of primary, secondary and special schools, people employed by schools and 3rd party support firms, as well as representatives from RM and Jigsaw24. In general most are looking for ideas about how to deploy and manage devices, and about app deployment and the legalities behind it.
Presently we tend to think of traditional IT deployments of suites in classrooms, or we have started to move away from them to mobile classrooms. We then also have those who have gone (or are starting to go) down the one to one route to give an easy way of all being able to access devices (a common theme from the day, to be honest). iOS devices are slightly different and we have a number of options. How you plan your infrastructure is dependant on how you want to plan to use the devices.
We can split it into 3 areas. Device Sharing (closest to present day), One to One (mix of institutional and personal data) and User Responsible (highly personalised and almost anything goes). Once you have thought about which option you want then you can start to plan how to get there. Personally I think it is likely that once you start planning then you might find barriers to going down certain routes and you might have to make compromises … sometimes down to money, sometime down to the need to change the curriculum … it doesn’t mean you shouldn’t try but there might be times you have to be a little pragmatic.
Looking at the methods of managing devices we can see 6 areas.
iTunes – which we are pretty used to with them being consumer devices, but with a large manual requirement
On-device configuration – where we use the settings on the device or on particular apps, again a familiar task with a large manual requirement
iCloud – again something we might be used to
iPhones Configuration Utility (IPCU) – a way of generating profiles which can be applied to one or more devices. Those of us used to GPOs within Windows AD or WorkGroup Manager with macs will find this fairly familiar and the idea that a GPO is just a series of registry changes, or in WGM generates changes to .plist files … profiles are pretty similar.
Apple Configurator – the new kid on the block which is likely to be key for many of us. It allows for prep for mass deployment, supervising devices and assigning devices to individuals within the organisation.
And finally … Mobile Device Management (MDM) – the full blown tool which makes use of a framework provided by Apple to do all of the above. Within Apple’s toolset we have Profile Manager on Lion Server (used in conjunction with some of the above where needed) and you have an MDM lite solution …
There are a number of good 3rd party MDM solutions out there and to some extent it is a bit like making the decision about whether to use middleware on your network to manage Windows, whether it be RM’s CC3 or CC4 or one of the other products out there (Viglin’s Classlink, CSE, etc). It also depends on the mindset of the school. If it the attitude is “lock it all down” then you might want one route, and if you prefer a more ‘enabling’ and user reliant option then you go down another path.
So … there we have the first post … with the above tools you can go from delivering a shared device in a library which can be set up quickly for each user as it is booked out to them, a device which has all the settings for email etc and just requires the user to finish it off by putting in their username and password, you can stop the buying, deleting or even access to various apps, or you can bulk prep personal devices but to get access to your wifi settings they have to ‘log on’ to a certain managed profile. Over the next week I will try to cover each tool in a separate post.
The final thing I will say is that, whilst not explicitly mentioned, it is important to have a decent infrastructure for the devices to run over, and a presumption that most of the management / config will be done on a Mac (some tools don’t require a Mac but the significant ones will do).