With the increased interest of schools to use tablets in classrooms, the Kreismedienzentrum Wildeshausen (media center of the district Wildeshausen) experienced a significant increase in inquiries for circulating tablets in 2015. In order to guarantee a safe operation of the equipment regardless of the location, the institution was faced with the task of organizing a reliable central tablet management.
Due to lack in personnel at the KMZA it was impossible to organize a manual device management, in which the tablets are connected to a laptop via USB cable and the subsequent MDM configuration is carried out individually.
In addition to the central tablet management, they planned to lend the devices to the schools as a so-called ‘suitcase solution’ and wanted to make remote maintenance possible.
Device management requirements
In order to ensure a smooth process, a catalogue of requirements was set up including the following options:
- ‘Contactless’ configuration of the devices during setup, the so-called ‘enrollment’
- Remote maintenance of the devices
- Installation of system-specific updates
- Installation of apps and their updates
- Central allocation of rights and restrictions via configuration profiles
- Allocation of devices to wireless networks
- Organization of an own ‘Appstore’ with managed apps of the Kreismedienzentrum
- Monitoring of the device functions
With the implementation of an MDM solution, the application of one of the KMZ‘s guiding principles was realized simultaneously. Namely, the takeover of support tasks in the area of MDM for the schools in the rural district of Oldenburg by the Kreismedienzentrum.
Schools that want to use iOS devices can, for example, implement their MDM via a common platform of the district.
Possibilities whitin the use of MDM solutions
The MDM solution JAMF Pro® is multi-client capable, i. e. each school is provided with a so-called ‘site’ on a server. This server is rented by the Kreismedienzentrum Wildeshausen and displays all all integrated school devices. The school administrators can then maintain the devices remotely via a web-based access.
The following properties of the device can be located via MDM:
- Device name
- Telephone number
- iOS version
- Installed programs
- Serial number
- Model name and model number
- Storage space and available capacity
Andreas Schenk from the company Apfelwerk portrays this very clearly in a graphic [1]:
By activating the tablets via the MDM of the Kreismedienzentrum schools also have the following further options:
- Own access to the Appstore via VPP (volume program to purchase apps without Apple ID)
- Own synchronization with the Apple School Manager
- Location-based VPP tokens (tokens no longer bound to personal Apple ID)
- 90 days update suppression
- WiFi use only from MDM Managed WiFi – school’s individual home screen layout
- Conversion of unmanaged apps into managed apps
Current models for tablet usage in schools
The following solutions have already established themselves:
- The so-called 1: n – solution (‘suitcase solution’) in which one tablet is available to several students in their everyday school life. The devices belong to the institutions.
- The so-called 1:1 solution in which each pupil has access to a device for the whole school day. Here, the devices also belong to the institution.
- A personal 1:1 solution in which the tablets are acquired privately by the pupils and used in their school.
All three solutions can be managed via MDM.
The significant advantages of a common MDM
Both smaller schools with a small number of pupils (e. g. primary schools) and schools with large units can use a common system for managing tablets through MDM.
Support is facilitated, because the MDM maps a harmonized IT landscape. The administrators of the schools benefit from a close support via the KMZ and regular meetings on MDM topics enable networking and exchanges. Another advantage is the direct connection to a central identity management system. JAMF offers the possibility of a configuration against a central directory service (via LDAP or SAML). This makes it possible to further simplify the above mentioned work processes. A separate user and group administration is no longer necessary.
The device enrollment works with the login data of the school administrators and, if SAML has been configured, even via single sign-on. Also the own school’s ‘Appstore’ can be accessed with the platform’s login data. Apps are assigned based on classes (groups).
From the point of view of a Kreismedienzentrum, this is a considerable advantage, as the support and consulting tasks can be centralized and harmonious infrastructures in the IT area can be set up. However, it is not enough using MDM alone, as further services are meant to be used in the future.
For teachers, this solution has the decisive advantage that a central access to the different platforms is possible. So they no longer need to fight their way through a jungle of login names.
Comments
iPad Kiosk Mode
For a school, iPads are the much necessary educational element for every student as both teachers and students are experiencing the digital learning. It becomes easier for the students to learn easily. But sometimes it becomes difficult to manage when they use these iPads for personal entertainment instead of studying. So this MDM Software can help teachers to manage it remotely and restrict access to unusual stuff which later creates a better learning environment.
Mark Watson
This is one of the great article I have read in this week. Given the fact that you can implement generic MDM system to handle iOS as well as android platform is incredible. Thanks for sharing this article.
Irina Feller
Hello, Mark,
Thank you very much for the praise. I will gladly pass it on to the author. So that you don’t miss this and other interesting blog articles, subscribe to our newsletter.
Best regards, Irina
Neelima
Nice Share! Your blog has always been a good source for me to get quality knowledge… I liked your blog and have bookmarked it.