Negatives of supervising iOS devices via DEP?

Simmo
Contributor II
Contributor II

We're going to be moving to using DEP soon in my environment, previously iPads were not supervised due to having to use configurator, but now that there is the ability to do it via DEP, I was wanting to revisit the idea.
Are there any major negatives to supervising devices with DEP?

8 REPLIES 8

St0rMl0rD
Contributor III

Do you have everything properly set for DEP?

St0rMl0rD
Contributor III

Here's one that prevents us from going DEP this summer:

https://jamfnation.jamfsoftware.com/discussion.html?id=14381

qhle373
Contributor

We haven't found any negatives with supervision in DEP. We run configurator through most of our K-12 environment, but we also supplement the Configurator Supervision with DEP Supervision so the device cannot be used anywhere else.

Simmo
Contributor II
Contributor II

@St0rMl0rD As far as I can tell I do, and due to the fact that previously devices in my environment have not been supervised, being unable to remove the passcode when forgotten is nothing new.

RWitt
New Contributor II

I would say there are too many reasons not to go to the DEP model. The main reasons being the inability for a user to remove profiles and the inability for a user to refresh the device and walk away with it.

The downside from what I see is the idea of sharing an Apple ID. Cart based we are still Configurator based but looking into going DEP on those as well. For 1:1's there is no reason not to be using DEP.

We get around the passcode issue by requiring the pass codes be the same as part of their common log in. That way teachers and admins can get in the device as needed.

John_Wetter
Contributor II

The DEP model is the future of deployment. Personal opinion here: There are no reasons to not go DEP!

DEP is the answer to getting rid of configurator for 1:1 devices, I honestly can't think of any reason why not to do it. The issue you mentioned above @St0rMl0rD really is a non-factor in our environment of about 5000 iPads, I suspect it will not be an impediment to your environment also. We do it maybe a half dozen times a year... Maybe. The work-around is well documented in the community and the positives of DEP are just too great to not do it.

Simmo
Contributor II
Contributor II

I am certainly going with DEP, I am just looking at pros/cons of supervision of iOS devices.

cdenesha
Valued Contributor II

Supervision is something you should do with your institutionally owned devices, so you are prepared to implement configurations that wouldn't otherwise be possible. For example, sometimes students need a more locked down profile for discipline reasons - I can disable iMessage. Teachers are able to utilize Casper Focus, and for SBAC I was able to implement Autonomous Single App Mode - which made my life much easier this year. If you have not seen it, search the iPhoneConfigurationProfileRef.pdf document for "Supervised Only".

I have not experienced any downsides to Supervision.

I have not experienced downsides to DEP except what was mentioned above. Since I force pre-stage enrollment but do not require LDAP authentication, I even had an iPad calling home and enrolling after it being stolen. I make sure not to disable them in these instances so I can capture an IP address to feed to the police.

chris