Case Study

Mobile Device Management (MDM)

Tools: NinjaOne MDM · Sophos MDM · Apple Business Manager

The Mobile Device Management (MDM) initiative covers the administration and lifecycle management of all company iPhones and iPads across eight subsidiaries. When the previous IT staff left, full responsibility for mobile devices — from procurement to deployment — was transitioned to me. The goal was to ensure consistent, secure, and documented management of over 100 active devices through centralized policies, profiles, and workflows.

The Problem

The challenge was not the system itself but the lack of continuity and structure after staff turnover. Device registration and documentation were inconsistent, policies were outdated, and several devices were missing from the management system.
The need was clear: reestablish a stable, transparent, and secure mobile environment that could scale across all companies while maintaining compliance with corporate IT standards.

My Role

As the sole MDM administrator, I was responsible for the complete lifecycle of all iPhones and iPads, including:

  • Procurement, setup, and deployment of new devices
  • Device enrollment and configuration through Apple Business Manager (ABM)
  • Management of profiles, policies, and app distributions in Sophos MDM and NinjaOne MDM
  • Coordination with end users and company departments for setup and device replacement
  • Documentation and tracking of all active devices and their assigned users
  • Continuous improvement of structure, policy design, and compliance configuration

All MDM-related operations — including security rules, group assignments, and device onboarding — were executed solely by me.

The Process

The process was rebuilt to ensure full traceability and uniformity across all company entities:

  1. Procurement: New devices were ordered, registered, and added to Apple Business Manager.
  2. Enrollment: Devices were automatically assigned to the appropriate MDM system via ABM synchronization.
  3. Configuration: Specific enrollment profiles and policies were applied per department or company.
  4. App Management: Managed apps were distributed and updated remotely.
  5. Documentation: A new device documentation standard was introduced to record ownership, registration date, and status.

Through these measures, every new or existing device became fully integrated into the company’s management infrastructure.

The Solution

The unified MDM environment was built using:

  • Sophos MDM for main policy and app management
  • NinjaOne MDM for extended monitoring and remote device management
  • Apple Business Manager (ABM) for automated device enrollment (DEP) and profile assignment

Improvements included restructuring profiles, updating app deployment configurations, refining device grouping, and creating a clear documentation model.
This combination of tools provided a fully automated lifecycle — from purchase to provisioning — with minimal manual intervention.

Results & Impact

The improved MDM structure established a centralized, efficient, and transparent management environment:

  • Over 100+ devices managed across 8 companies
  • Complete synchronization between ABM, Sophos MDM, and NinjaOne
  • Standardized enrollment and configuration for new devices
  • Up-to-date documentation and clear ownership tracking
  • Enhanced security and faster provisioning for new employees

The company now has a stable, compliant mobile environment that scales efficiently, reduces manual setup time, and ensures every device is properly registered, managed, and traceable.