How to ensure devices auto-join specific corporate Wi-Fi connections? 

Description

With malware increasingly using unauthorized Wi-Fi connections as vectors to distribution, ensuring devices are consigned to authorized Wi-Fi connections has now become mandatory. MDM MSP ensures managed devices automatically join only specific Wi-Fi connections and also ensure it doesn't join any other unauthorized Wi-Fi connections. This is supported only for iOS and Android devices.

Steps

  • On the MDM Server, navigate to Device Mgmt and select Profiles, present under Manage from the left pane.
  • Click on Create Profile and select iOS/Android from the dropdown.
  • Select Wi-Fi from the left pane and configure the Wi-Fi profile as explained here, in case of iOS and here, in case of Android. Ensure Automatically Join Network is enabled, for the device to automatically connect to this Wi-Fi network, immediately on identification.
  • Save and publish the profile. Now distribute the profile to groups/devices.
  • Create another profile and navigate to Restrictions and select Network and Roaming. Enable the restriction Connect to Wi-Fi, only if distributed via MDM. Once enabled, save and publish the profile. Distribute it to the groups/devices, to whom the previous profile was associated.

NOTE:

1. It is recommended to associating the Wi-Fi policy first before associating the Restrictions policy, as this ensures the device is connected to the specified Wi-Fi before the restriction is applied.

2. The devices to which this policy is associated, can be continuously managed by MDM only when connected to the specified Wi-Fi connection or through cellular data. Hence, it is recommended to associate this profile only to Corporate-owned devices.