November 2, 2023

How Vanta migrated MDM platforms in just 3 days

Written by
Diego Gutierrez
IT Operations Engineer

In this series, you’ll hear directly from Vanta’s own Security, Enterprise Engineering, and Privacy, Risk, & Compliance Teams to learn about our approach to keeping Vanta secure. We’ll also share some guidance for teams of all sizes — whether you’re just getting started or looking to uplevel your operations. 

Building on our perspectives on mobile device management (MDM), in this post you’ll hear from Diego Gutierrez, IT Operations Engineer on Vanta’s Enterprise Engineering team, who played a key role in our recent MDM migration.

Our approach to MDM migration

Earlier this year, the Vanta Enterprise Engineering team migrated our internal Mobile Device Management (MDM) platform so that our mobile device management strategy can keep scaling as we grow. With proper planning and a thorough migration strategy, we were able to migrate all of our employees within one week with minimal disruption, and only three days of that week were dedicated to migration.

As this was a short and ambitious timeline, we did a significant amount of testing prior to kicking off our MDM migration, including with Vanta’s Security team. Overall, our testing helped us ensure we’d be able to reliably push out a configuration file to prompt our users to enroll in our new MDM, regardless of where they were located and regardless of whether their device was enrolled in ADP (Apple’s Deployment Program).

Our migration strategy

Given our short timeline, we decided to structure our MDM migration by department and team. This allowed us to more readily track individual migrations and also partner closely with managers and department heads to nudge their team members to complete the migration steps.

Next, we prioritized these departments and scheduled dedicated time slots of 2-3 hours for each team. These blocks were added to employee calendars and communicated ahead of time, as well as shared on a centralized company calendar. 

We opted to begin with our own team and partner teams who could help us review and test, including the clarity of migration instructions. For instance, starting with our Security, Legal, and People teams provided us with a thorough cross-section of user feedback that we could quickly iterate on and incorporate. We also decided to migrate our Engineering and Product organizations last, given their quick uptake on these types of migrations and requests from our team in the past.

Finally, we also structured dedicated MDM Office Hours by department. As a remote-first company, we held these over Zoom and invited employees to their designated sessions. While we weren’t sure what to expect, we saw a large uptake in employees globally who joined these sessions to ensure they were following the steps correctly, and we were able to personally walk our staff through the migration process as needed.

Communication and resources

Given how busy things can be at Vanta, we first communicated our planned migration to our Leadership team and managers, including our timeline and the estimated total time required of employees (3 minutes!). Our goal was to help set expectations for their organizations and teams.

Next, to set up our employees for success, we created and shared a range of comprehensive internal resources through Slack, email, and our internal employee hub, including the following: 

  • MDM setup guide with full steps and screenshots for each and total time required
  • Short video to watch the full installation
  • FAQ detailing potential errors and suggested fixes
  • Slack channel for dedicated employee support
  • Office hours by department for hands-on support from the team

These resources helped ensure that employees had numerous ways to take steps for MDM migration depending on how they learn best, whether on their own or with a member of our Enterprise Engineering team.

Edge cases and solutions

To track migrations and manage edge cases, our Enterprise Engineering team used a dynamic spreadsheet with automation. This allowed us to view the migration status of each user in real time while also incorporating additional context and managing edge cases, which included employees who were on PTO or extended leave. 

In both cases, we were able to work closely with our People team to track return dates and partner with employees to remove the old MDM profile once they returned. To confirm that devices successfully enrolled, we were able to reference the spreadsheet, the notifications issued to our team, and our new MDM platform.

Tips for migration

While every company is different, here are a few suggestions from our team that helped us ensure our three-day migration was successful — even with a tight timeline.

  • Research: Before embarking on these types of projects, ensure you understand and have vetted the most efficient and effective way to tackle a migration. Consider consulting relevant industry forums and Slack channels, if possible, as part of your effort to understand industry best practices and approaches.
  • Test, test, test: Asking employees for their time and for them to do something taps into our most valuable resources as a company: employee attention and time. For a smooth deployment, make sure you’ve tested, anticipated, and addressed any potential issues well ahead of time.
  • Plan and review: There are many ways to structure a deployment; consider multiple options depending on your goals and timeline before deciding on your strategy.
  • Over-communicate: Your employees are extremely busy, and it’s important to emphasize and over-communicate action items, including in different channels. Be sure to communicate what you’re doing, why it’s important, how it affects them, and when they need to take action. Better yet, structure these reminders in a way that your employees will automatically see, such as on their calendars when absolutely necessary.