Optimized BYOD Process for iOS Devices with Account-Driven User Enrollment

September 3, 2024

Cortado MDM now fully supports Apple’s account-driven user enrollment, significantly simplifying the existing BYOD (Bring Your Own Device) process.

To use a personal iPhone or iPad for work in BYOD mode, iOS offers the option of user enrollment. This creates a separate partition on the device for a work environment. This partition can be managed and secured via Cortado MDM, while the personal area remains untouched.

From now on, user enrollment will no longer be carried out by installing an MDM profile; it will be directly linked to the user account. All necessary components have been integrated into the operating system since iOS 15. A managed Apple ID for each employee, which is handled by administrators in the Apple Business Manager, remains a prerequisite.

Simplified Setup for Device Users

For iPhone and iPad users, account-driven user enrollment greatly simplifies the process. Instead of initially installing an MDM profile, they can start setting up their work environment directly from the device settings. They only need to sign in to their work account using their business email address (by going to Settings > General > VPN & Device Management > Sign in to your Work or School Account) and will then be guided through the setup process.

A detailed setup guide can be found here: Enroll private iOS devices (User Enrollment)

Reduced Administrative Effort for Administrators

Account-driven user enrollment also eases the burden for administrators. They can link the company domain in the Apple Business Manager (ABM) and enable synchronization with identity providers like Microsoft Entra ID, thereby eliminating the need for a separate domain for managed Apple IDs and manual assignment. Ideally, they have also activated Entra ID synchronization simultaneously in ABM and Cortado MDM (Enterprise Plan required). In this case, each user's managed Apple ID matches their business email address.

For more details, visit: Embedding private iOS/iPad OS devices (BYOD)

Conclusion: A Faster and More Transparent Process

The BYOD setup process for iOS devices has become significantly faster and more transparent thanks to account-driven user enrollment. The ability to link the company domain directly to the MDM system provides all employees with a clear and secure starting point for setting up their personal iOS devices. Companies benefit from simpler management – a win for everyone involved.