Fighting the recent Apple DEP “vulnerability” with Workspace ONE UEM (AirWatch)

There’s been recently a wave of news along the  “OMG Apple DEP is insecure we are all doomed” line. While there is indeed a few flaws in Apple Device Enrollment Program, I want to show how to fight it with Workspace ONE UEM (AirWatch) in a simple 3-step process

Step 1: Go to your DEP profile in Settings -> Devices -> Apple -> Device Enrollment Program

Step 2: Ensure Authentication is ON


Step 3: You are done. Really, this “vulnerability” is only serious in two cases:

  • Using no authentication, implicitly trusting anything that comes from the Internet over DEP
  • Staging (specifically using the staging process with the staging user) sensitive information – certificates, etc. Just don’t – have all the sensitive bits assigned to the end-user who has to authenticate.

So, now you are armed with knowledge!

More reading:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at

Up ↑

%d bloggers like this: