Mobile Device Management (MDM) has become a hot topic as organizations are pressured to bring iStuff into their organization, especially as BYOD (Bring Your Own Device) gains steam. Mobile devices are invading every level of corporate society, making the need to remotely manage and control them increasingly urgent. Apple has provided some enterprise management features, first via over-the-air configuration profiles, and beginning in 2010, full MDM support. Unfortunately, the exact features availble through MDM are tightly controlled by Apple, as is the protocol itself. This talk dissects how Apple MDM works. Starting with basic iOS configuration principles, the talk explores mobile config profiles generated by the iPhone Configuration Utility, over-the-air profile delivery, and eventually describes the key features and mechanisms behind MDM. Finally, we explore how to implement your own MDM server, which allows you to manage iOS devices using official device management APIs. You can wipe your device, and perform many other actions, using these custom MDM services. Finally, some bugs and vulnerabilities, as well as one interesting attack, are discussed. Originally presented at Black Hat, this talk has been updated to include changes from iOS 5.x and other more recent discoveries.