What is Zero Touch Deployment? And Does It Work?

If you’re managing a scaling macOS estate, that’s good news; clearly, the business in question is growing and in need of more devices.

But with scale comes increased complexity, greater cybersecurity risks, and the thorny issue of deployment.

The larger your macOS estate gets, the more time-consuming it is to continually configure new machines ready for use. It’s tough enough doing this when everyone works from the same office, but with around 60% of the UK’s adult population currently working from home, the challenges become even greater.

The answer lies in zero touch deployment. But we appreciate you may never have heard of this, so, let’s see if it’s right for your infrastructure.

What is zero touch deployment?

Zero touch deployment does pretty much what it says on the tin. You simply ship devices to end users and, when they switch them on and connect to the internet, everything is automatically deployed for them.

That means security settings, profiles, apps, and anything else they need to undertake their job on that computer appear as if by magic and without any need for human input. End users love it – for obvious reasons!

The alternative is manual configuration of each and every Mac you’re tasked with managing, which is incredibly time consuming and often leads to misconfiguration of devices.

How does it relate to Mobile Device Management?

Mobile Device Management (MDM) will be familiar to anyone who has been looking after an estate of Macs within an organisation. They are a set of web-based tools that help administrators deploy and manage devices from any location (when used in conjunction with Apple Business Manager).

Within Mobile Device management, you get detailed inventories of all the devices on your network, along with users, roles, assignment history, content, and activity. If the Macs are spread across multiple locations, you can view each location separately or the entire estate as a whole. It’ll even integrate with third-party services such as Microsoft Azure Active Directory, enabling users to sign in with their existing Azure AD credentials.

Beyond basic inventory, MDM allows us to do smart things across an Apple estate such as enforce patching, run self-healing polices and empower users to be more self-sufficient.

Zero touch deployment refers to the relationship between Mobile Device Management (MDM) and your Apple Business Manager (ABM) account. Without ABM, there’s no simple, automated way to enrol Apple devices into your MDM and distribute the content and apps team members need.

Is there any form of customisation?

Zero touch deployment works out of the box in a limited fashion, but it’s up to the IT team to configure the deployment to best suit users’ requirements.

The fact that this form of deployment, when used in conjunction with Mobile Device Management, allows you to not only deploy apps but content, too, makes for a far richer user experience.

Combined with well-known Apple management software, Jamf, zero touch deployment enables you to preserve the Apple user experience people inevitably want to enjoy, while delivering complete app- and device-lifecycle management for the IT team.

Is zero touch deployment right for my business?

If your business is growing and the number of Macs required to keep operations running smoothly is increasing at the same rate, zero touch deployment is a no-brainer.

It’s not just huge for scaling companies, though. As noted earlier, if your working practices have changed considerably following lockdown, it could be extremely useful. The ability to send new devices to users without any need for manual setup on anyone’s part will ensure the benefits of working from home can be fully exploited, without any detrimental impact on IT security or the user experience.

In summary, if you have any form of mobile device management for your macOS estate, now is the time to start looking seriously at zero touch deployment. If you’d like to discuss whether the moof IT team can help, please do not hesitate to get in touch.