Recently, I was asked a question I havent heard in several years: Can you manage Apple devices without using MDM?The technical answer is yes. You can use configuration profiles and Apple Configurator to do this.But you really shouldnt try that approach. With mobile device management (MDM) vendors licensing their software for as little as $1 per device or user per month, MDM should be the go-to option for all but those on the tiniest of shoestring budgets. (Theres also the possibility of usingApple Business Essentials, a stripped down solution from Apple intended for small organizations.)MDM and Apple Business Manager (or Apple Business Essentials) allow for zero-touch deployment. IT does not even have to see a device; it can be shipped new in the box to an employee and it will automatically configure and enroll in MDM when querying Apples activation servers during startup.By contrast, managing devices manually can be extremely time consuming because you have to set up each device by hand when installing configuration profiles and you must touch it every time you need to make changes. Security updates (or any software updates) cannot be forced to install, leaving it up to each user to install them or not.When a device is managed via MDM, theres a constant back and forth communication between the device and your companys MDM service. This allows a whole host of features, particularly security features such as being able to query the device status, lock/unlock the device, install software updates, and add applications and other content over the air.You also gain the ability to securely separate work and personal use of a device and to make use of managed Apple Accounts rather than relying on a users personal Apple account.Managed Apple Accountsperform the same function as personal Apple IDs, but theyre owned by an organization rather than the end user and they link to an employees work-related accounts. They can also be managed in a way that allows users access Continuity features at work and provides a work-related iCloud account. One big advantage here is that work related passwords and passkeys can sync across all of a users work devices (and they can be automatically removed from a device if a worker leaves the organization.Another consideration to keep in mind if youre a small shop looking to save a few dollars is that you might not always be small. You may not think you need the features that come with MDM solutions, but as your company grows, your needs will change and youll likely have to go through the headache of migrating away from manual management anyway.This is the part where I tell you to turn back from trying to manage Apple devices manually.But if youre truly determined to go it without using MDM or youre really that cash strapped and you have a small number of employees and devices, heres what you need to know. (Just dont say you werent warned if you go this route and run into problems or security breaches.)The basic component for managing devices is the configuration profile; its an XML file that specifies the various options you want to set up. These profiles have been around since the iPhone 3G launched in 2008 (two years before MDM even existed). These files also underpin MDM configuration, but you get a much broader selection of configuration options and an easier interface via MDM.Apple Configurator for Macis a free tool available in the App Store. There is an iPhone version as well thats used to enroll devices if theyre not eligible for zero-touch deployment typically, devices bought outside of a business purchase from Apple or an authorized reseller. (The Mac version can also be used for this purpose.)The latest version of Apple Configurator supports the management of iPhones, iPads and Apple TVs, but cautionary alert it does not support managing Macs. (This is another downside to manual device management.)Apple Configurator allows you to create a blueprint for various device types and to create configuration profiles with a simple-to-use GUI. You can then assign your profiles to blueprints. Configurator also lets you prepare devices to receive configuration profiles; backup and restore devices; determine whether they will work usingApples Supervision functions, which provide some additional control over devices; and to install apps.Once youve set up blueprints and added configuration profiles and apps, youll need to connect each device via a USB-to-Lightening cable (for older devices) or with a USB-C cable (for newer devices) and then assign the device to a blueprint. When preparing a device for Apple Configurator, you can choose to remove various steps in Setup Assistant (just as in MDM). You can also set the device name, wallpaper, and home screen layout.Managing Macs works essentially the same way by building configuration profiles. But you need to hand install them on each Mac. Depending on the payload of the profile and whether a user has local admin privileges, the Mac user might be able to delete installed configuration profiles. Keep that in mind.Apple Configurator can also be used torevive or restore the firmware of Apple devices(including Macs).Apple provides auser guidethat offers additional details and a walk-through of tasks in Apple Configurator.So, as I noted from the very start, you can see that its certainly possible to manage Apple devices manually. But hopefully, you can also now see that there are too many advantages to managing devices using MDM (or Apple Business Essentials) to do it the old-school way.From better security to a lighter IT workload and an improved user experience, MDM really can streamline everything needed to keep your fleet of Apple devices up and running.