Mobile Device Management

While some IT environments work well with a self-service approach, there are a number of examples where a Mobile Device Management (MDM) solution is more appropriate. Apple’s iOS features Mobile Device Management capabilities that can be integrated with third-party solutions to enable The Foundation and IT departments to wirelessly configure and update settings, monitor compliance with corporate policies, and even wipe or lock managed devices.

There are several different MDM solutions available, and The Foundation can help identify which works best for your organization. Each solution can give you extensive control over the device, as well as report the location of each device. This type of control will help guarantee that your company’s data remains secure at all times. An MDM solution can also help you identify unneeded expenditures by calculating data usage.

The first step in managing iOS devices is to enroll a device with a mobile device management server. This creates a relationship between the device and server, allowing the device to be managed on demand without further user interaction. This can be done wirelessly or by connecting the iPad to a computer via USB.

As a scalable way to securely enroll devices in an enterprise environment, iOS supports a process called Over-the-Air Enrollment. Using Over-the-Air Enrollment, your enterprise can provide a secure web portal through which users can enroll their devices for management. The server can then configure managed devices with the appropriate restrictions and account access.

The process of Over-the-Air Enrollment involves three phases that, when combined in an automated workflow, provide a secure way to provision devices within the enterprise. The phases include:

Authentication

  • Confirms user and device are trusted

Certificate Enrollment

  • Generates enrollment request
  • Leverages SCEP

Device Configuration

  • Encrypted configuration
  • User opt-in
  • Not notified of future changes

 
In addition to configuring devices, a mobile device management server has the ability to query devices for a variety of information. This information can be used to ensure that devices continue to comply with required policies. The mobile device management server determines the frequency at which it gathers information. Example queries include:

Hardware and Software Device details

  • Model, iOS version, serial number

Network Information

  • Roaming status, MAC addresses

Applications

  • App name, version, size

Compliance and security data

  • Installed settings, policies, certificates
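
As an added illustration of how a server can turn such query results into a compliance decision (this is not code from The Foundation or from any MDM product), the Python sketch below parses a device reply and checks it against a policy. The reply is a constructed sample, its key names are assumed to follow Apple's DeviceInformation query, and the policy values are hypothetical.

```python
import plistlib

# Constructed sample reply; key names are assumed to follow Apple's
# DeviceInformation query (ModelName, OSVersion, SerialNumber, WiFiMAC, IsRoaming).
SAMPLE_REPLY = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>Status</key><string>Acknowledged</string>
  <key>QueryResponses</key><dict>
    <key>ModelName</key><string>iPad</string>
    <key>OSVersion</key><string>15.7.1</string>
    <key>SerialNumber</key><string>CONSTRUCTED0001</string>
    <key>WiFiMAC</key><string>02:00:00:aa:bb:cc</string>
    <key>IsRoaming</key><true/>
  </dict>
</dict></plist>"""

# Hypothetical policy for this example only.
POLICY = {"min_os": "16.0", "allow_roaming": False,
          "enrolled_serials": {"CONSTRUCTED0001"}}

def parse_version(text):
    """'15.7.1' -> (15, 7, 1); short versions are zero-padded to three parts."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def evaluate(raw_plist, policy):
    """Return a list of findings for one device reply; empty means compliant."""
    reply = plistlib.loads(raw_plist)
    if reply.get("Status") != "Acknowledged":
        return ["device did not acknowledge the query"]
    info = reply.get("QueryResponses", {})
    # An unanswered query is a finding, never a silent pass.
    findings = [f"missing {k}" for k in ("OSVersion", "SerialNumber", "IsRoaming")
                if k not in info]
    if findings:
        return findings
    if parse_version(info["OSVersion"]) < parse_version(policy["min_os"]):
        findings.append(f"OS {info['OSVersion']} is below required {policy['min_os']}")
    if info["SerialNumber"] not in policy["enrolled_serials"]:
        findings.append(f"serial {info['SerialNumber']} is not an enrolled device")
    if info["IsRoaming"] and not policy["allow_roaming"]:
        findings.append("device is roaming")
    return findings

if __name__ == "__main__":
    for finding in evaluate(SAMPLE_REPLY, POLICY) or ["compliant"]:
        print(finding)
```

Treating a missing answer as a finding matters because a device that stops reporting a field would otherwise pass the check by default.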