With DDM (and forgive this slightly unnuanced layman’s articulation), the device is instructed to upgrade and will then be required to do so by a specific time. Then, rather than polling the device to nag it to conduct the upgrade, the device itself is forced to regularly report back on whether it has achieved the desired upgraded state. In this model, the device is made aware that it should upgrade and will upgrade itself at the first possible opportunity.
There are several advantages — management is more effective, network demands are reduced, and IT has a much better overview across the state of the corporate fleet. DDM is also more secure, as the onus of reporting turns to the device, which, in conjunction with improvements in identity and zero-trust, means IT enjoys a far more accurate picture of events, and devices become less likely to become attack vectors.
What difference does it make?
Apple’s growing cohort of device management partners (Jamf to Kandji, Mosyle, Fleet, Hexnode, Addigy and beyond) already understood Apple’s intention to move toward DDM, which means they are already introducing support for the improved DDM features Apple plans.
This story originally appeared on Computerworld
