What Is Apple Business Manager and Why Should Your Business Use It?
This post is an updated version of our original Apple Business Manager article from January 2024, revised to reflect current Apple terminology and expanded platform capabilities.
If your business uses Apple devices, you should be using Apple Business Manager. It’s a free web portal from Apple that gives you centralized control over device enrollment, app distribution, and user account management for every iPhone, iPad, Mac, Apple TV, Apple Watch, and Apple Vision Pro your company owns.
It’s not a full device management platform on its own. Think of it as the foundation that makes everything else work. Apple Business Manager connects to your device management solution (MDM) and handles the behind-the-scenes coordination that makes zero-touch deployment, app licensing, and supervised device management possible.
Automated Device Enrollment
This is the biggest reason to use Apple Business Manager. When you purchase devices through Apple, an Apple Authorized Reseller, or an authorized cellular carrier that’s connected to your ABM account, those devices automatically appear in your portal. From there, they’re assigned to your MDM solution so that the moment a new device connects to the internet, it enrolls itself, pulls down your company’s configuration, installs the right apps, applies security policies, and is ready to go. No one has to touch it.
For iOS devices, Apple’s Return to Service feature takes this even further. You can remotely erase a device and have it set itself back up with your company’s configuration automatically. This is particularly useful for retail environments where iPads change hands frequently, or when you need to reissue a device to a new employee.
You can also manually add devices that weren’t purchased through Apple’s business channels using Apple Configurator. This is helpful if you have existing inventory that predates your ABM enrollment.
Apps and Books
Apple Business Manager lets you purchase and manage App Store and Apple Books content for your entire organization. There are two practical advantages here.
Paid apps stay with your business. If you buy an app like Final Cut Pro through ABM, the license belongs to your organization, not an individual. You can assign it to a device, and when that device changes hands, reassign the license to a different one. No repurchasing.
Free apps become manageable. Without ABM, getting a free app onto company devices means asking employees to download it using their personal Apple Accounts. You have no visibility into who installed what, no way to push updates, and no way to remove it remotely. With ABM, even free apps are distributed through your MDM. You allocate the licenses you need, push them to devices silently, and control updates centrally. No one needs to sign in to anything.
Managed Apple Accounts
Personal Apple Accounts are designed for individuals, with privacy protections that make them intentionally difficult for anyone else to access or recover. That’s great for consumers, but it creates real problems when employees use personal accounts on company devices. If someone leaves and their personal Apple Account is tied to company data or locks a company device, you have very limited options.
Managed Apple Accounts solve this. Created and managed through Apple Business Manager, these accounts are owned by your organization. They provide access to iCloud, iWork collaboration, Notes, Reminders, and other Apple services, while keeping organizational data separate from personal data.
ABM also supports federated authentication, meaning you can connect it to your existing identity provider. Google Workspace, Microsoft Entra ID, and any OIDC or SCIM-compatible identity provider can sync user accounts directly into ABM. Your employees sign in with their existing work credentials, and you manage everything from one place.
Supervision and Security
Devices enrolled through Apple Business Manager are automatically Supervised, which unlocks a significant set of management capabilities that aren’t available on manually enrolled devices. Supervision gives your MDM platform access to additional restrictions and commands, things like preventing users from removing the MDM profile, restricting AirDrop, controlling App Store access, and more.
One of the most important advantages involves Activation Lock. Apple’s Activation Lock is designed to prevent stolen devices from being reused, which is a great consumer feature. But if an employee enables Activation Lock with a personal Apple Account on a company device and then leaves, you’re stuck going through a lengthy proof-of-purchase process with AppleCare to regain access. With supervised devices through ABM, you can either disable Activation Lock entirely or use device-based Activation Lock that’s controlled by your MDM and recoverable by your organization.
ABM also maintains a complete inventory of all enrolled devices, including model, serial number, and device details. This gives you a reliable record of company-owned hardware that your MDM can pull automatically.
A full list of supervision-only restrictions is available here: MDM restrictions for supervised Apple devices
Getting Started
To sign up for Apple Business Manager, your organization needs a D-U-N-S Number, a verification contact (typically a legal representative), and an administrator who will manage the account. Apple verifies your organization during enrollment, so the D-U-N-S Number must match your legal business name and address.
Once enrolled, you connect your device suppliers (Apple Customer Number or Reseller Number) so that future purchases automatically flow into ABM. From there, you link your MDM solution and start assigning devices.
How 2Fifteen Tech Can Help
As Apple Technical Partners, we set up and manage Apple Business Manager for businesses every day. We handle the enrollment process, connect it to your device management platform, configure automated deployment workflows, and make sure your devices are supervised and secured from day one.
If you’re looking to fully outsource your IT, we offer managed IT services where we handle device management, onboarding and offboarding, security, networking, and ongoing support.
If you already have an IT team but need Apple-specific expertise, our co-managed IT offering lets us manage your Apple environment alongside your existing staff.
We partner with Iru for device management and endpoint security, giving your organization a unified platform for managing Apple, Windows, and Android devices.