Geofencing is currently supported for iOS and Android devices.
The Geo-Fencing feature enables IT administrators to restrict the usage of corporate devices to certain regions such as office premises etc. This is done by creating virtual fences called geo-fence, based on real-world geographical region. Geo-fencing can be ideally used in enterprises with stringent compliance standards which require corporate devices containing sensitive data to remain within the organization's premises at all times. MDM lets you define security policies based on the virtual perimeter created as a geofence, ensuring there is no unauthorized corporate data access.
This feature is available in Professional, Free, and Trial editions of MDM.
- MDM server must be running #92516 or later versions. The build number is available on the right top on your MDM server.
- ME MDM app on Android devices must be running 9.2.400 A or later versions.
- ME MDM app on iOS must be running 9.2.313 or later versions
Configuring a geo-fence policy
There are two steps involved in configuring geo-fencing in MDM:
Creating a geo-fence
Creating a geo-fence involves selecting a primary location and then making a virtual perimeter around this location. The primary location becomes the center and on selecting the radius, the fence is drawn up. To create a geo-fence, follow the steps given below:
- On the MDM Server, click on Device Mgmt and select Fence Repository (under Geofencing) from the left menu. The 'Fence Repository' contains a list of all the fences which have been created previously.
- To create a new fence, click on Create Fence and provide a fence name.
- Now search and select a location which is to act as the center point for the geofence. Once you've selected the location on the map, the address, as well as the co-ordinates, are automatically fetched.
- After selecting the location, specify a radius for the geofence. You can create geofences as large as 500 kms.
- Click on Create, to add the created fence to the Fence Repository.
You can modify/delete the created fence by clicking on the ellipsis icon present against the fence name.
Setting up a geo-fence policy
The next step is to define the actions to be performed when the device leaves the associated fence. You can notify the IT admin when the device is marked as 'Non-Compliant', as it has left the geo-fence. You can also execute a set of security commands on non-compliant devices. These commands can be executed on the devices either immediately or after a day. For the commands specified in the geofence policy to be executed, the device must be in contact with the server. To create a geo-fence policy, follow the steps given below:
- On the MDM Server, click on Device Mgmt and select Fence Policy from the left menu. Fence Policy contains the list of all the geo-fence related policies created previously.
- To create a new policy, click on Create Policy and provide a policy name.
- You need to first define a rule for the policy, wherein you select the geo-fence to be used in the policy. Devices which leave this geo-fence are marked as non-compliant. You can either choose from the list of created geo-fences or create one by clicking on Create a new fence option.
- You need to specify the actions to be performed once the device is marked as non-compliant. You can execute security commands and/or notifications pertaining to the non-compliant device. In case of security commands, you can choose to mark the device as lost through Lost Mode, ring an alarm on the device, wipe device data as well as the data on the memory card. In case of notifications, you can have E-mail alerts sent to the IT administrator. These can be executed either immediately or after a day.
- Once you've defined the actions, click on Create Policy. To distribute it to groups and/or devices, click on the ellipsis icon and select the Distribute to devices option.
- Select the devices or groups, to which the policy is to be distributed. Click on Select to distribute the policy.
You can modify/delete the created policy as well as remove the devices to which the policy was previously associated with, by clicking on the ellipsis icon present against the policy name.
Once a device is marked non-compliant to the geofence policy applied, the admin will get notified via email. (This email can be customized as per the message your organization wants to convey)
In case you're unable to apply the geofencing policy to iOS devices, open the ME MDM app on the device, and re-try applying the policy.