User Experience and IT Automation: 3 Enduring Lessons from Apple’s MDM Journey

IT automation is at the top of many enterprises' minds today. Implementing it efficiently can be challenging. However, enterprises may be able to get some guidance from an unlikely source. Specifically, what can we learn from Apple's own automation journey in mobile device management (MDM), the invisible yet critical technology that enables enterprise organizations to seamlessly manage, secure, and update thousands of devices remotely?

If we take a step back, we can see in broad strokes how Apple has applied many of those user-centric design principles to device management, ensuring that complex IT tasks are simplified and streamlined for both administrators and end-users alike.

Apple co-founder Steve Jobs was known for being many things: a visionary leader, a mercurial perfectionist, and obsessed with delivering simple and elegant user experiences.

Jobs would famously agonize over creating simple design elements and his conception of ‘user-centric design’ remains a steadfast principle of the Apple brand.

“Design is a funny word. Some people think design means how it looks. But of course, if you dig deeper, it's really how it works. The design of the Mac wasn't what it looked like, although that was part of it. Primarily, it was how it worked, he stated almost three decades ago.

In other words, while most of us think about design as something we see, feel, or even experience, Jobs understood that true design goes much deeper. It's not just about aesthetics or usability; it's about functionality and the seamless integration of form and function. It’s about creating products that work intuitively and efficiently, anticipating the needs of the user.

MDM: Planting the Seeds of IT Automation

As corporate users increasingly demanded to use their personal devices in the workplace, enterprise IT departments faced the challenge of managing a diverse array of devices while making sure those devices could access network resources and meet the organization’s security and compliance requirements, all without violating user privacy or impeding usability.

This surge in personal device usage led to the development and evolution of MDM solutions, marking the first step in remotely automating processes that previously required many hands-on, manual steps. Consider the process of configuring an email account on a mobile device: It used to require manually configuring all the settings, such as knowing whether your email required POP or SMTP or entering server addresses and port numbers. In 2012, Apple unveiled its Apple Configurator tool, its initial device-management automation tool, which enabled admins to apply a batch of settings to a tethered device. Now, administrators can update software and enforce controls automatically, with users needing only to enter their passwords.

Apple’s Automated Device Enrollment (ADE) system further transformed the management process by enrolling devices without requiring any physical intervention from an IT admin. ADE ensures that the MDM solution's default configurations are systematically applied as soon as a device is enrolled. 

APIs have likewise played an important role in extending not just individual products but also multiple components of an organization's IT stack, including device management, and tying them together in an automated and coordinated whole. For example, you can define user groups in your identity provider (IdP) and integrate your MDM solution with the IdP via APIs, enabling configurations based on these groups.

More recently, Apple introduced a more advanced form of automation in MDM with Declarative Device Management (DDM). Unlike traditional imperative management, where MDM solutions must issue specific commands, DDM lets the device itself interpret and execute policies based on a 'declared state' defined by the administrators. This means devices automatically check their compliance against predefined standards and configurations without the need for continuous polling, ensuring consistent adherence to policies with minimal manual intervention.

3 Automation Principles

Looking at automation through the lens of Apple's journey in MDM can reveal some enduring lessons that demonstrate how strategic automation can transform complex processes into streamlined and efficient systems: 

1) Automation Shouldn’t “Get in the Way:” A core tenet of effective automation is that it should operate seamlessly in the background, enhancing productivity without disrupting the user experience. In the context of MDM, automation keeps devices current with the necessary applications and security patches without requiring the user to stop what they're doing and re-start their device. Two good examples of this are automated remediations, in which endpoint configurations are regularly checked to maintain compliance with existing administrative policies, and security monitoring to ensure that malware and potentially unwanted programs (PUPs) don’t gain persistence on a user’s device. 

2) Feedback Loops Make Automation Smarter: Well-designed automation relies heavily on robust feedback loops that allow automated systems to capture and understand user behavior, learn from their actions, and refine their processes for better outcomes. Consider the novel approach of DDM, which shifts decisions and remediations to the device itself. This advanced automation capability was the direct result of more than a decade of informed feedback on the original MDM framework. 

3) Continuously Assess and Adapt: Automation is not a set-and-forget approach. Rather, its effectiveness must be continuously evaluated as new policies go into effect and are adapted based on new technologies, security requirements, and business needs. Apple’s iterative release of more sophisticated MDM controls demonstrates a commitment to evolving its automation capabilities to meet the changing demands of enterprises and maintain security and efficiency.

A Final Word on IT Automation and MDM

Just as Steve Jobs insisted on a design that 'just works,' effective IT automation should be intuitive, reliable, and capable of transforming complex processes into effortless actions. While MDM may not be the flashiest example of the impact that automation can have, it's one of the most essential for business users and IT departments.