Academia Ltd

JAMF Pro Apple Mobile Device Management Service

Academia's JAMF Pro Software As A Service is a Mobile Device Management (MDM) solution was originally designed to help schools, colleges and universities manage large numbers of Apple devices across their estates. The solution is now used across all industries with our largest managed estate being 5,000 devices.


  • Fully managed service
  • Full version control
  • Fully integrated with in house systems


  • Zero touch deployment and management
  • All users on the same version of software and application
  • Total reduction in time to manage devices


£5000 per instance per year

  • Education pricing available

Service documents


G-Cloud 11

Service ID

4 2 8 3 9 2 0 1 0 0 6 8 5 0 6


Academia Ltd

Academia Bids

01992 703900

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
We offer full cloud server services to our client base, this includes Windows Active Directory and Windows Systems Center Configuration Manager, which can be integrated with our JAMF Pro SaaS solution for ultimate end user support and management.
Cloud deployment model
Private cloud
Service constraints
This Mobile Device Management (MDM) solution can ONLY be used with Apple equipment, we do offer other types of MDM for Windows, Chrome and Android devices.
System requirements
  • Onsite Wifi with internet connection
  • Apple devices

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Academia offers a central helpdesk system, which is operated by experienced staff and allows customers to report issues either via Email or online.

Our helpdesk is available during the hours of Monday to Friday, 08.30-18:00. Call logs are tracked against our internal service level system and monitored to ensure we achieve our SLAs.

Our standard Support Service Level Agreements (SLA) are:
- 2 Working Hours for Priority Critical
- 4 Working Hours for Priority High
- 6 Working Hours for Priority Medium
- 8 Working Hours for Priority Low
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Our standard Support Service Level Agreements (SLA) are: Priority Critical with a 2 Working Hours response to System Down, an error which occurs under normal operating conditions and halts the Client's production operations, prevents the current release or a module thereof from being run or causing substantial damage to the Client's data. Priority High with a 4 Working Hours response to an error which causes severe performance degradation, halting important operational tasks or placing the operation of such tasks at risk - i.e. the failure of a major feature. An error severely degrades a user application where no alternative exists or causes any damage to the Client's data. Priority Medium/Low with a 6/8 Working Hours response to any defect in the current release or any failure of the current release to perform in accordance with, and provide the facilities, function and capacity as set out in the Specification and Operating Documentation, other than a major or serious error. All our support contracts come with a Technical Account Manager including Quarterly Review meetings. Pricing is from £20 per person month based on an annual contract, discounts available for bulk quantities.
Support available to third parties

Onboarding and offboarding

Getting started
Our Mobile Device Management (MDM) solutions are designed so that the end user has zero touch, we manage everything for them, so they can just use the device with all the applications that they require to perform their responsibilities. Some users initially might require some support to find their "work" applications, which we can supply a "dummies guide" or perform some onsite knowledge transfer at an additional cost.
Service documentation
Documentation formats
End-of-contract data extraction
Users are able to migrate all their data and configurations from our servers at the end of the contract. All data is securely dealt with to ISO27001, after clients have acknowledged receipt and verified their data; we delete all data and configurations from our cloud environment.
End-of-contract process
At the end of the contract, the client has the right to cancel. At this point we can work directly with them or their new supplier; typically if a third party is performing the migration, there are no additional costs involved. If the client requires us to set up an onsite variant and migrate, there would be additional engineering and project management costs involved. Since we released this services many years ago, no one has left our managed service and have indeed added to it.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
JAMF Pro is designed for both desktop (macOS) and mobile devices (iOS), although it is mainly used with mobile devices for Mobile Device Management (MDM).
Service interface
What users can and can't do using the API
The API supports Basic Authentication and uses the standard User Accounts and Groups functionality of Jamf Pro. The Create, Read, Update and Delete privileges for an account or group within Jamf Pro correspond respectively with the POST, GET, PUT and DELETE HTTP methods. Furthermore, the Jamf Pro Server Object or Jamf Pro Server Setting should closely describe the endpoint for which permissions would be granted (e.g privileges for Advanced Computer Searches would be required to interact with the advancedcomputersearches endpoint).

For further information, please see:
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
The whole purpose of our JAMF Pro Apple Mobile Device Management Service is that it is bespoke to every single client. During the initial Project Management and Service Delivery kick off meetings, we go into great detail as to how the client would like to configure the devices, group the devices and integrate with other software tools that they use for management purposes. As a managed service we keep the solution up to date, including any client changes/amendments as part of the support mechanism which is included.


Independence of resources
Academia's Cloud Services have an uptime greater than 99.9% and is build on VMware virtual technology which auto scales for any peak times. Our 24/7 monitoring solution, 3 data centres and UK optical network work seamlessly together moving workloads around automatically, we have mitigated the risk to almost zero by having resources available with full capacity planning built into all our workflows.


Service usage metrics
Metrics types
Our JAMF Pro Apple Mobile Device Management Service has the ability to report on the all devices that it manages. This is a completely configurable solution which is fully discussed during our project management and service delivery kick off meetings, which we can link into present client systems through API's or offer real-time dashboards to your technicians or arrange regular reports sent out via email.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
As this is a Mobile Device Management (MDM), users do not have direct access to the management console. The solution has the configurations of their devices, but no access to the user's data. Onsite tech administrators can have access to the management console, although would need some knowledge transfer if performing configuration changes, although the changes can be dealt with by our support team which is included as part of the managed service.
Data export formats
Other data export formats
All data is securely held in an embedded SQL database
Data import formats
Other data import formats
  • We can migrate the SQL database from an onsite server.
  • Normally a fresh installation is best advice.

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Other
Other protection between networks
As an ISP our network is fully protected at all borders to the internet and all our peered network connections are fully protected and monitored. We offer full optical IP solutions to our clients, which are normally tailored to meet the legal and compliance requirements of the vertical market we are serving. As an IWF and LINX member, we undertake every standard required to keep our network and client network separated, working from an everything locked down stand point and only opening ports which are required and used; this is monitored as part of our 24/7 monitoring solution.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
As an ISP our network is fully protected at all borders to the internet and all our peered network connections are fully protected and monitored. We offer full optical IP solutions to our clients, which are normally tailored to meet the legal and compliance requirements of the vertical market we are serving. As an IWF and LINX member, we undertake every standard required to keep our network and client network separated, working from an everything locked down stand point and only opening ports which are required and used; this is monitored as part of our 24/7 monitoring solution.

Availability and resilience

Guaranteed availability
We offer 99.9% uptime across all Cloud Servers, with credits for service unavailability applied to customer accounts for future use.
Approach to resilience
This information is available on request.
Outage reporting
A public dashboard is available at, and email alerts are automatically provided to the named contact for each Cloud Server to advise when planned maintenance is to occur that may affect service availability, or when we have detected an issue that affects one or more Cloud Servers in operation.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Access to restricted in management interfaces and support channels to identified internal users of the systems team. User access is restricted to only the systems they have purchased through a combination of VLAN / VPN / AD authentication and 2FA if required to avoid unwanted cross access to systems, Underlying network infrastructure control is only available to Systems Team members without exception.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
SN Registars (Holdings) Limited
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
All aspects of our system infrastructure and product offerings are covered by our ISO certification.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Compliance with ISO27001 is a written requirement of employment at our company and is regularly assessed by our in-house auditing team as well as through six monthly externally led audits. We alos operate through the premise of least available privilege for all system users, including a named and vetted system team whose higher level access to systems is fully monitored and subject to 2FA throughout. The systems team report to the Technical Director who is entirely responsible as a Board member for the technical infrastructure. We also operate our entire company systems on the same infrastructure - fully separated from client instances - and as such our company DR and BCP apply to the same infrastructure.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All system components are subject to 24/7 monitoring for performance and tracked issues, and are proactively replaced if their performance shows signs of future degradation. We also operate an N+N redundant system in most areas, with a fallback to N+1 to avoid a single failure impacting on system availability. Changes are fully assessed for security impact in line with ISO27001 security controls and tested on internal development systems before rollout.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Our technical team are alerted to potential threats directly by our hardware and software partners, and will deploy threat responses immediately based on industry information or detected issues within our infrastructure. Patches are deployed based on the level of threat and impact on our infrastructure - as we operate a fully redundant series of systems, we can inspect the performance as patches are deployed and continue rollout or roll back as needed.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
As with all system level impacts, we monitor the system 24/7 to ensure that all operating parameters are within expected levels, and our automated monitoring systems will raise an alert to our systems team if this is not the case. Patches and updates to the system are communicated to all affected users directly and also published on our status page for our cloud servers.
Incident management type
Supplier-defined controls
Incident management approach
Incidents can be reported to our systems team through our ticketing system and will automatically be raised to priority 1 if a cloud based system is affected. Our team also apply standard processes for the resolution of system issues against a known good backup and rollback procedure. Incident reports - both ongoing and previous - are available through our status page at

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Connected networks
Joint Academic Network (JANET)


£5000 per instance per year
Discount for educational organisations
Free trial available

Service documents

Return to top ↑