Understanding Apple's Shift: From MDM to DDM in Device Management with Anil Gupta
Business of Tech: Daily 10-Minute IT Services Insights
January 26, 2025

Dave Sobel welcomes Anil Gupta, co-founder and CTO of Wyebot, to discuss Apple's transition from Mobile Device Management (MDM) to Declarative Device Management (DDM). This shift represents a significant change in how enterprise device management is approached, particularly as organizations increasingly rely on a growing number of Apple devices. Anil explains that the traditional MDM model, which relies on a central server to manage devices, can become a bottleneck as the number of devices increases. DDM, on the other hand, empowers individual devices to make decisions based on the information provided to them, reducing the need for constant communication with a central server.

Anil elaborates on the advantages of DDM, including improved scalability and reduced network traffic. By allowing devices to act intelligently and autonomously, organizations can avoid the challenges associated with the traditional MDM approach, such as excessive back-and-forth communication and potential deadlock situations. This new paradigm not only enhances performance but also aligns with the growing trend of edge computing, where devices at the edge of the network can process information and make decisions independently. Anil draws parallels between DDM and Wyebot's own approach to Wi-Fi management, emphasizing the importance of empowering devices to operate efficiently.

The conversation also delves into the implications of DDM for security, particularly in the context of a zero trust security model. Anil explains that zero trust requires devices to prove their identity before being granted access to the network. This involves a robust chain of trust that begins at the device level and extends through the entire communication process. By utilizing certificates and tokens instead of traditional passwords, organizations can enhance security while still enabling efficient device management. Anil emphasizes that security must remain a top priority, even as scalability and performance improve.

Finally, the discussion touches on the role of AI in network automation and how it can complement DDM advancements. Anil highlights the challenges faced by organizations with distributed enterprises, where managing Wi-Fi across numerous locations can be daunting. By leveraging AI-driven automation, companies can simplify the deployment and management of Wi-Fi networks, making it easier for non-experts to troubleshoot and maintain connectivity. Anil concludes by inviting listeners to learn more about Wyebot's solutions, which aim to provide a seamless and user-friendly experience in managing Wi-Fi networks.

 

[00:00:02] Apple has offered a new version of MDM into DDM. What is it? What's the difference? And what does it mean for Wi-Fi Management? Anil Gupta from Wyebot joins me on this bonus episode of the Business of Tech.

[00:00:51] Anil, thank you for joining me. I'm excited to have you on the show. Great. Nice to meet you as well, Dave.

[00:01:15] Now, you got my attention because you've been looking at Apple's declarative device management. And this is a shift in the way that Apple is doing enterprise device management. Tell me a little bit about what this means and why people should care about the change here. Yeah. So this all comes down to actually scale, you know, so as you see, you know, of course, everybody's using lots of Apple devices throughout, you know, in their organizations.

[00:01:45] And as the number of devices grow, the dependency on a single server to be able to manage all of that just kind of grows out of bounds, you know.

[00:01:59] So and this paradigm actually applies to almost any IoT space, if you will, wherein if you look at the way kind of industry moved, you know, way back, there used to be, you know, the central kind of servers and dumb terminals.

[00:02:19] If you go way back, you know, 20, 30, 40 years ago, you know, and then the paradigm of individual compute devices, laptops, MacBooks, et cetera, emerged. Right. So people figured out that centralized servers eventually can become a bottleneck and then it should transfer the decision making knowledge, you know, all of that to an individual device.

[00:02:43] Pretty much the same concept has actually applied, has been applied to MDM and DDM. You know, if you look at mobile device management, it was all about that. OK, the intelligence is going to be in one central place. You know, I'm going to ask for your health status, you know, every 10 minutes, every hour, once a day, whatever the case is. And then you're going to tell me that and then I'm going to say, oh, go do this.

[00:03:10] And then you're going to go report back the results. You want to say, yes, I received your command. Go ask me for stuff, you know. And that, you know, has many disadvantages in terms of it doesn't scale because. As the number of devices in the organization grows, it becomes challenging on a single MDM server to be able to handle all that. And it also creates a lot of network traffic as well.

[00:03:39] You know, back and forth, handshake going on and on. So the whole premise here is that if rather I can assume that you are an intelligent device person and I just provide you everything that I got and then you can go and take action on all of that intelligent information.

[00:04:02] So instead of me saying that, OK, I come to know that you are an iPad and if you're version, you know, X dot Y, you should be doing this. But if you're an iPhone, then you're version A dot B, you should be doing that. Rather, if I can just tell you all of that, you know who you are and then you automatically apply those policies, rules. You know, you evaluate certain predicates, you know, and then you then, you know, apply those things to yourself.

[00:04:32] And then you can simply report back the status to me instead of this back and forth handshake that we otherwise keep doing. So this paradigm, you know, as a matter of fact, you know, since I'm from Wyebot, you know, this is what we do for a living as well. You know, I mean, we have Wyebot Wi-Fi sensors, you know, same thing, IoT technology, you know, sensors.

[00:04:53] We pretty much use a similar methodology at a logical level, which is you empower the devices at the edge, you know, to make decisions themselves. And then you do use some kind of assist from the cloud side. So we call it intelligence at the edge and intelligence in the cloud. And that allows you to scale almost infinitely, you know.

[00:05:18] Now, while you do all of this, one very important aspect is that there must be, you know, security has to be taken into account deeply. And there has to be like a chain of trust, you know. I mean, starting from the initial device, the very first time the device comes up, it goes and checks in with some trusted body, which then may issue a certificate to the device, which it then uses to communicate.

[00:05:47] So all of that needs to be taken into account. But once you have this kind of infrastructure in place, it really scales very, very well. So I'll just pause there since I went on a long streak. You went right with a couple of the areas because you covered a little bit of the areas about the improved security and the reduced bandwidth usage. And I think I've got a good sense of how this is going. But what I'd actually like to understand a little bit more is, you know, when you say things like an improved chain of security,

[00:06:16] I'm also then immediately questioning, OK, well, does this fit into a zero trust security model? Because, you know, in fact, I want to move to an architecture where I have less trust within the system and I'm doing more verifications across the process. Tell me about how this fits more into a zero trust security model. Yeah, zero trust. Basically, I mean, what that means is like you when device begins its life, you know, you don't assume that what they have.

[00:06:45] You start from something that was embedded, like when it starts kind of the hello message, you know, to say, hey, you know, you don't just you say, OK, hey, I'll tell you who I am first and then I send in kind of my credentials to you in a way via a certificate. And if you believe or trust my certificate, then you say it is who you are.

[00:07:10] And then if I see that whatever certificate has been generated issued to you has been generated by a trusted authority, then, you know, we continue the dialogue further. Otherwise, we immediately kill because there is some part of the chain that is broken, you know, and that chain of trust, you know, in a way begins in some way from an IoT device perspective.

[00:07:33] Some of those things begin at the factory level in a way that when the device was manufactured, it was either built with a, you know, a cert that can be trusted when you initially start the conversation. And, you know, certificates, at least as of the moment, you know, have not been considered to be broken and all of that. You know, I mean, they are considered part of the trusted chain.

[00:07:57] And then, yes, the encryption and all of that, you know, I mean, what kind of key levels you're using, you know, 2048, et cetera, you know, I mean, that has changed or improved, you know, but largely that model is very important. And then the other thing which goes alongside on the security path train is that one of the things that all of us have come to encounter,

[00:08:20] are you never trying to exchange passwords over the Internet, you know, you try to do that in such a way, you know, such that no private secret key information or username passwords are exchanged over the air. But we use some kind of a token which is generated mathematically in such a way such that, you know, you and I arrive at the same, you know, conclusion eventually.

[00:08:47] And then we both know who we are and we can arrive without going deep into the math of all of that, you know, that's for a security topic, you know, detail. But essentially, private information is never exchanged over the air. And then, you know, you can still arrive and trust each other and then continue from there on. So that's an important key aspect of while we are trying to solve the scalability problem

[00:09:11] and performance issues as well, you know, you do not and cannot, in a way, sacrifice security in any way. And you have to start by not assuming anything about that device, but say, okay, present to me who you are and then I will see whether I want to take you on or not. Now, obviously, you've been leaning into AI-driven network automation.

[00:09:36] So how do you see the combination of like DDM advancements and Wi-Fi automation impacting that ability to deliver more efficient networks? Actually, very good question that you asked, you know. So one of the things actually I would say DDM has solved, you know, in a way which was kind of difficult with MDM in some ways.

[00:10:01] Is the fact that, for example, if you're trying to replace credentials, Wi-Fi credentials on an Apple device, Mac, iPhone, whatever, right? Now, the only way in a Mac, you know, book will be able to communicate with the MDM server is over the Wi-Fi. Over the, you know, I mean, yes, wired as well, but okay, let's assume that Wi-Fi. Now, if it is connecting to the network and if you want to, you know, change the certificate on that,

[00:10:31] if you sent it a command to say, okay, delete this profile and add this new one, if it were to do one thing at a time, actually, you would only go to step one, which is delete this profile. And after that, you will never be able to send the second command to the device because it has lost the connection. Whereas with DDM, you can push the entire package to the device.

[00:10:56] And now it first validates that everything that is in the package is all correct. And then because it is intelligent and not acting as a dumb device as part of the DDM protocol, it will then be able to delete the first one and then execute the second one. So therefore, you know, in the Wi-Fi world, it is a huge improvement, you know, in terms of you can, A, not only the scalability, the performance,

[00:11:25] but you can avoid some of these completely deadlocked situations, you know, I mean, like when I say deadlock, you could end up in a situation where you've lost all communication, you know, with all of your managed devices if you didn't execute in the past world properly. Whereas now with DDM, you know, that becomes so much easier. Now, one of the things you're also leaning into at Wyebot is known, you're known for leveraging AI in network automation.

[00:11:53] Like, how do you see AI evolving around network automation and what capabilities are you thinking about as we move forward? Yeah. So the thing with Wi-Fi, first of all, is, you know, I mean, Wi-Fi has been a technology which has been in a good way evolving over the past two decades, you know, with so many different, you know, starting from speeds and feeds, then going to reliability, then going to efficiency, then going back to speed.

[00:12:22] You know, with all these new standards, Wi-Fi 1, 2, 3, 4, 5, 6, 6E, 7, 8 coming and only becoming more complex. And one of the things about Wi-Fi also is that, luckily for us and maybe unluckily for others, is the expertise in Wi-Fi is very limited. And even today, if you look at the highest level of wireless certification, CWNE,

[00:12:50] there's, you know, 500, 600 people across the world, which means that the only way to solve Wi-Fi challenges in the field is either you are able to, A, have the Wi-Fi expert and B, be able to afford that Wi-Fi expert. And forget about the affordability part, there's not even exist, you know. So the only solution, therefore, the entire industry has is you've got to use some kind of automation.

[00:13:21] And that's where Wyebot and any other many other companies also come into play, where you're trying to solve not only remote areas, where not only you'll not be able to find just going there, you know, is very challenging. So that is what begs the solution that you need to use some kind of AI-based solution for automating, for scaling.

[00:13:46] Take, for example, you know, since you work in the retail MSP space a lot, you know, any organization, you know, which we term as actually a distributed enterprise. Now, what is a distributed enterprise? Any organization, whether it is a bank, whether it's a retail store, whether it is a law practice, a medical practice, you know, any organization that has hundreds and thousands of locations throughout the country,

[00:14:13] throughout the world, it is next to impossible to send that half a dozen Wi-Fi people that your organization may be able to afford, if at best, if you can find them, to fly them all over the country, all over the world to go figure out Wi-Fi problems. So what you need, therefore, is a solution that you can very easily ship to a remote site and it is so easy to use that your grandma could technically just, you know,

[00:14:43] put that in the power plug and bingo, it works. And then you can troubleshoot, diagnose, you know, look at user experience, all of that, you know, for your network, for your Wi-Fi network and your wired network as well. As a matter of fact, you know, I mean, we at Wyebot and many times I have used that, you know, I say that we are the Apple of the Wi-Fi world, you know, because Apple is heavily about simplicity.

[00:15:11] You know, all they talk about is make sure that it's easy for users to use, you know, and that is our mantra here at Wyebot as well. As a matter of fact, another quote that I love from Steve Jobs, you know, it is about difficult simplicity is harder than complex. It is more difficult to build a simple solution than to build a complex solution.

[00:15:38] And what we at Wyebot have done is really focused on simplicity from the ground up, you know, to make sure that the whole experience from the time you get the product to the time it is operational and in the cloud and being able to see all the results is just completely seamless. Well, Anil Gupta is the co-founder and chief technology officer of Wyebot

[00:16:04] with over 25 years in the networking industry and a specialization in wireless technology. His extensive experience includes senior technical roles across both startups and large enterprises with significant contributions to wireless communications, including 15 patents. I know this has been fascinating. I learned a lot. If people are interested in learning more, where can they reach out? You can simply go to our website, Wyebot.com. If you have questions, there are links over there as well.

[00:16:33] You can request a demo of our solution. You can send an email to info at Wyebot.com. So just visit the website and you'll find all the tools over there and all to be able to get in touch with us. Yeah. This has been great. Thanks for joining me. Thank you for having me. The Business of Tech is written and produced by me, Dave Sobel, under ethics guidelines posted at businessof.tech.

[00:17:00] If you've enjoyed the show, make sure you've subscribed or followed on your favorite platform. It's free and helps directly. Give us a review too. If you want to support the show, visit patreon.com slash MSP radio and you'll get access to content early. Or buy our Why Do We Care merch at businessof.tech. Have a question you want answered?

[00:17:23] We take listener questions, send them in, ideally as a voice memo or video to question at MSP radio.com. I answer listener questions live on our Wednesday live show on YouTube and LinkedIn. If you've got a comment or a thought on a story, put it in the comments if you're on YouTube or reach out on LinkedIn if you're listening to the podcast. And if you want to advertise on the show, visit MSP radio.com slash engage. Once again, thanks for listening.

[00:17:50] And I will talk to you again on our next episode. Part of the MSP radio network.