Mobile E-mail Management (MEM)

Email is still one of the most important modes of communication today. Many organizations prefer email for official communication as it is fast, reliable, and very simple. The widespread use of email communication has created a deluge of mail management issues for IT admins, like provisioning employee devices with email accounts and securing the confidential corporate data contained in emails, including any attachments. Organizations need a way to protect emails against data breaches.

With the mobile email management capabilites of mobile device management solutions such as Mobile Device Manager Plus, IT admins can handle these issues with ease while also protecting enterprise e-mails and securing e-mails on mobile devices. Here's a list of features supported by MDM to simplify enterprise email management.

Key Features of Mobile Email Management (MEM)

  • Pre-configuring E-mail on the devices remotely
  • Ensure only approved apps and devices can access e-mail
  • Prevent unauthorized access of e-mail attachments
  • Pre-installing the e-mail client to be used for e-mail access

Configuring corporate email accounts for employees

IT admins need to ensure every single employee has a corporate email account for internal communication, as well as external interactions with customers, suppliers, and collaborators. Using MDM, you can create email accounts in bulk by associating an email policy with employees' devices (Android, iOS, and Windows).

Creating individual email accounts for every single employee is tedious; dynamic variables simplify this task by automatically fetching the email addresses mapped to devices during enrollment. Additionally, MDM lets you configure the email signature, and set up a default email account for users.

Configuring email restrictions

Many senders use HTML to add graphics and links to emails. These HTML emails pose a potential threat to devices in the form of hidden viruses and other malicious software that may be downloaded automatically. Using MDM, you can eliminate this threat by completely restricting the use of HTML format in emails in favor of plain text only.

Automatic email forwarding is another important security concern that admins need to deal with. If an employee has enabled email forwarding to an outside address and left the company, sensitive data belonging to the organization may be lost. The situation gets more serious when critical information is exfiltrated to unauthorized third parties via email. A feasible way to prevent these situations is by using MDM to restrict the forwarding of emails. MDM also lets you manage the syncing of email addresses with third-party cloud services, the usage of email accounts from non-email apps, email notifications, and more.

Ensuring secure communication

Email communication mostly uses email configuration standards such as POP or IMAP for retrieving email this typically involves transmitting the email content as plain text, possibly leaving confidential data vulnerable to eavesdropping attacks and other cyber attacks. The solution is to use an SSL/TLS connection, which ensures the email traffic is encrypted and secure during transit. Besides providing an additional layer of encryption through S/MIME, which retains message integrity and enhances data privacy, MDM lets you establish a secure communication channel for emails by enabling an SSL/TLS connection or by using SSL certificates for your Android, iOS, and Windows. Additionally, Simple Certificate Enrollment Protocol (SCEP) can be configured for iOS and Windows devices, to secure emails using certificates.

Securing email attachments

Email attachments often include important documents containing sensitive data. Once these attachments are downloaded, they can be opened using any unmanaged app, shared to another device, and even backed up on third-party cloud services, resulting in data leakage. With MDM, you can rest assured that email attachments are protected not just during transit, but also after they're downloaded. The ME MDM app's built-in Document Viewer ensures secure viewing and storage of important documents received as attachments. As sharing the documents to other devices or cloud services is restricted, corporate data is completely sandboxed, preventing security breaches. Alternatively, these documents can be accessed using other document viewer apps approved by your organization.

Securing access to Exchange

Many organizations use Exchange Server to manage business emails, which is one of the main reasons that Exchange is constantly at risk of security threats. Despite their best efforts to restrict access to Exchange using firewall configurations and other security tools, many organizations aren't aware that they can control Exchange Server access at the device level. To help you better protect your organization's Exchange environment, MDM allows you to restrict unmanaged devices' access to your Exchange server.

Pre-set app configurations and permissions

Email is the preferred form of communication for business, but configuring email accounts can be difficult and time-consuming. MDM's managed app configurations (iOS and Android) simplify the process considerably. You can customize the functionalities of any managed email app to suit your organizational requirements, distribute the app to devices, and preconfigure parameters such as account type, domain name, and email signature to make the app ready for corporate usage soon after installation. Productivity apps like IBM Verse (for Android and iOS), Microsoft Outlook, and Zoho Mail can be easily configured using MDM.

Apart from this, MDM lets you preconfigure the app permissions. For instance, if you do not want email attachments to be stored on the device, you can disable the storage permission even before distributing the app. Permission for specific data can be configured as user-controlled, when it is not fundamental to the app's functionality. Assuming you require the Zoho Mail app primarily to manage corporate mails, configuring the permission to access the device contacts and SMS may come under the user's discretion. Similarly, if an app is being used to track the device, you can remotely force enable the app permission to access the device location.