How IT teams manage mobile devices and BYOD (iOS and iPadOS) with Rippling IT

What you'll learn

• How to manage company-owned and personal iPhones and iPads in Rippling Device Management

• How Rippling enforces security and compliance across devices

• How to support BYOD using enrollment types and Apple’s native MDM framework

• How to monitor mobile device health and automate follow-up when devices fall out of compliance

What you'll need

• Rippling IT with Device Management

• iPhones or iPads running iOS or iPadOS 15 or later

• Apple Business Manager for automated device enrollment on company-owned devices

• Workflow Studio to automate compliance reminders and monitoring

The problem

Mobile devices are now central to daily work. Employees rely on iPhones and iPads for communication, authentication, email, and access to sensitive systems. Without mobile device management, IT teams lack visibility into whether these devices are encrypted, updated, or compliant with security requirements.

Supporting BYOD adds more complexity. Personal devices can access company data, but cannot be wiped the same way as corporate-owned hardware. IT must enforce security controls while protecting employee privacy and avoiding unnecessary access to personal information.

Many legacy MDM tools require separate dashboards or rely on continuous polling, which leads to delays, inconsistent visibility, and higher operational overhead. IT teams often spend time chasing employees to complete enrollment or apply required configurations.

The hypothesis

If mobile device management for iPhones and iPads operates inside the same system that manages macOS and Windows devices, IT teams can standardize security and compliance across their entire fleet. 

The solution

1. Enroll iPhones and iPads in Rippling MDM

Rippling uses Apple’s built-in MDM framework to manage iOS and iPadOS devices. The Rippling Agent is not installed on mobile devices. Instead, users install a configuration profile that enables Rippling to manage settings and enforce compliance.

There are two ways to enroll:

• Automated Device Enrollment (ADE) through Apple Business Manager: Recommended for company-owned devices. Devices enroll automatically during setup.

• Self-enrollment: Employees enroll by following an emailed link or scanning a QR code. This works for both work-owned and personal devices. Users must complete enrollment in Safari.

If Rippling detects that a mobile device is not enrolled, it notifies the user and prompts them to re-enroll.

2. Use enrollment types to support both company-owned and personal devices

When a device is enrolled, Rippling assigns an enrollment type:

• Company-owned. Enrolled through ADE or set up as a work device during self-enrollment. IT can remotely erase these devices if needed.

• Employee-owned. Enrolled as a personal device during self-enrollment. IT can remove only company apps and data. A full device wipe is not permitted. 

This structure lets IT enforce security requirements for work data while maintaining employee privacy for personal devices.

3. Apply mobile configurations through Rippling Device Management

Rippling uses Declarative Device Management to configure iPhones and iPads. With DDM, devices apply and enforce settings directly, report their status automatically, and do not require continuous server polling. This leads to better performance, improved battery life, and more reliable compliance.

Using Rippling’s configuration library, IT can apply:

• Passcode policies

• OS update requirements

• Contact syncing for company directories

• Email account configurations

• Restrictions supported by Apple MDM

Each configuration includes a recommended default template that can be deployed as-is or customized. Policies can be assigned using Supergroups to ensure the right devices and users receive the correct configurations automatically.

4. Deploy apps using Apple Business Manager

If you connect Apple Business Manager to Rippling, you can deploy iOS and iPadOS apps through the Volume Purchase Program (VPP). This includes:

• Automatic app deployment to enrolled devices

• Managed distribution of licenses

• Integration with existing Rippling app deployments

Rippling recommends removing the managed Apple ID login before deploying apps to avoid installation issues.

5. Monitor device status and compliance inside the Devices app

All managed iPhones and iPads appear in the Devices app alongside laptops. IT teams can see:

• MDM enrollment status

• Last check-in

• OS version

• Installed configurations

• Pending actions

• Device specifications like model, serial number, and battery health

MDM status uses a standardized color system:

• Green means the device is enrolled and has connected recently

• Yellow means enrollment is pending or the device has not connected in more than 14 days

• Red means the device has an enrollment or authorization error

IT can drill into any device to view details or take supported actions, such as locking a device or removing company-installed apps.

6. Automate enrollment reminders and compliance workflows

Rippling includes built-in automation to ensure users complete enrollment. If an employee downloads a configuration profile but does not install it within one hour, Rippling can send an automatic reminder email.

Using Workflow Studio, IT can also:

• Alert employees when their device has not checked in

• Notify IT when a policy or configuration has not been applied

• Assign tasks for follow-up

• Escalate issues based on OS version, enrollment status, or missing configurations

Automation removes most manual device tracking and keeps mobile devices compliant without extra effort.

The impact

✓ Manage iPhones, iPads, laptops, and desktops from a single system

✓ Enforce strong security on company-owned mobile devices

✓ Support BYOD while protecting employee privacy

✓ Automatically deploy configurations and apps using modern MDM and DDM

✓ Reduce manual follow-ups with enrollment reminders and workflow automation

Rippling IT centralizes all device management, allowing IT teams to secure and monitor their entire fleet with far less work. By combining mobile management with identity, access, and automation, Rippling delivers a unified, scalable approach to managing both corporate and personal devices.

FAQs