Device enrollment made easy
Many organizations allow employees to use mobile devices to access corporate data. Most enterprises have mobile environments that are comprised of a mix of enterprise-owned devices and user-owned devices (often referred to as BYOD—bring your own device—environments). Bringing these devices into your organization's network is the first step to securely managing them.
When it comes to enterprise-owned devices, there are few different levels of ownership.
- Choose your own device (CYOD) Employees select a corporate-owned device from a list of approved devices.
- Corporate‐owned, personally enabled (COPE) Employees can choose a specific corporate-owned device and use it as if it were their personal device.
- Corporate‐owned, single‐use (COSU) Includes devices intended for a single, specific purpose such as digital signage, ticket printing, point of sale, or inventory management.
In the case of a BYOD environment, there is an even greater need for enterprises to authenticate devices before they enter the corporate network.
Mobile Device Manager Plus serves as a management solution that automatically works across a multitude of mobile environments and provides necessary security protocols so that unauthorized users can’t gain access to the corporate network. Mobile Device Manager Plus focuses on over-the-air (OTA) device authentication and device onboarding, making the first step of device management a breeze.
Authenticating mobile devices
Device authentication can be carried out in Mobile Device Manager Plus through the following methods.
- One-time password A one-time password (OTP) is generated and sent to the user, along with the enrollment invitation.
- Active Directory/Azure authentication An Active Directory or Azure password is used to authenticate the user while enrolling the device.
- Two-factor authentication A combination of user domain credentials and a OTP is sent along with the enrollment invitation.
To learn more about the authentication techniques supported by Mobile Device Manager Plus click here.
Simplified device enrollment
Mobile Device Manager Plus offers different enrollment methods for enrollment initiated by users and by admins.
- User enrollment Employees enroll their own devices in the network.
- Enrollment through invite Enterprise administrators send invitations via email to employees whose devices have to be enrolled.
- Self-enrollment This form of enrollment is carried out without an email invitation, using employees' Active Directory credentials.
- Administrator enrollment Enterprise admins can quickly and easily bring mobile devices under management from their end using the following bulk enrollment techniques
- Bulk enrollment via CSV Admins upload a file containing employee details. An email is then sent to these employees, asking them to enroll their devices.
- Bulk enrollment for iOS devices
- Apple Configurator Apple Configurator is a utility tool designed to configure and enroll corporate-owned iOS devices in an enterprise using a physical USB connection. iOS devices can be pre-loaded with associated profiles and apps before they're handed out to employees.
- Apple Device Enrollment Program(DEP) Enterprise administrators can enroll iOS devices without coming in contact with the devices. Devices are brought under management with all the required configurations, right out of the box.
- Bulk enrollment for Android devices
- Android Near Frequency Communication (NFC) enrollment This form of Android enrollment is useful for devices that support the NFC feature. With this functionality, one device takes on the role of an admin device, while the other assumes the role of a target device (i.e. the device that has to be brought under management). All the IT administrator needs to do is bump the admin device with the target device to complete the enrollment.
- Samsung KNOX enrollment Samsung KNOX enrollment is a form of automated bulk enrollment. It involves only a one-time setup to be completed by the administrator.
- QR code enrollment QR code enrollment is another automated enrollment method for Android devices that simplifies enrollment by performing it in a single step. This method also involves minimal effort on the administrator's end.
- Bulk enrollment for Windows devices
- Enroll Windows devices using Windows Imaging and Configuration Designer (ICD) tool Device enrollment using Windows ICD speeds up the enrollment process by distributing a provisioning package (PPKG) file to the target devices. It then enrolls the devices directly with Mobile Device Manager Plus without any user intervention or admin action.