How to Secure BYO Android Devices
Two-thirds of US white-collar employees are working from home some or all of the time, according to a September 2021 Gallup survey – and of those, 91 percent hope to continue to do so even after the pandemic.
In this Everywhere Workplace environment, a “bring your own device” (BYOD) policy is an appealing proposition for employees and IT departments alike, leading to an average annual savings of $350 per employee and a 34 percent increase in productivity.
But with BYOD policies come new requirements for securing those employee-owned devices, keeping corporate information safe while respecting employees’ privacy. Enter: Ivanti Neurons for Mobile Device Management (MDM).
Zero Trust for Android BYOD
Android holds over 72 percent of the mobile operating system market, so Ivanti Neurons for MDM, which integrates with Android Enterprise, is an ideal zero-trust foundation for implementing a BYOD directive with relative ease.
Android Enterprise is the set of features and services built into Android that allows companies to secure and manage corporate data and apps on Android devices. With Android Enterprise’s work profiles, employees’ personal data and information on the device are unavailable to their IT department, while the company knows their corporate apps and data are secure. Android enforces separation between personal and work data at the kernel level across process, memory and storage. All applications from Google Play work out of the box with separate data storage.
Ivanti Neurons for MDM
With Ivanti Neurons for MDM, you can manage work apps and data within the work profile while personal apps, data and usage remain private – all with minimal interaction from the employee.
Simply email employees a Google Play Store link to download and run Ivanti’s app. All that is required to complete the setup process is their employee email and credentials.
Your IT department can configure Neurons for MDM to automatically configure the work profile to download and install the apps and their settings so the employee can hit the ground running.
Key Features of Ivanti Neurons for MDM
- App catalog. Add, configure, distribute, promote and whitelist managed Google Play Store apps, company private apps, and private or third-party web applications within the work profile.
- Always-on encryption policy. Create a protection/encryption disable policy to monitor and automatically audit actions if encryption on the device is disable or compromised.
- Passcode configuration. Define the passcode requirements for the device and work profile, which protects corporate applications and data from unauthorized access. You can also option to allow the use of biometrics to unlock the device and work profile.
- Ivanti tunnel. Secure per-app VPN for business apps and data from anywhere. Mobile apps can access protected corporate data and content behind a firewall.
- Client out of contact policy. Set up a set of actions to take if the Ivanti MobileIron Go client has not checked in for a specified number of hours or days. This can be set to deny, quarantine or even delete the work profile in order to protect corporate apps and data when out of compliance.
- Default app permissions configuration. Set default runtime permissions for work profile apps.
- Lockdown configuration. Decide what Android Enterprise features are used to restrict the work profile.
- Certificate distribution. Configure to automatically create app and identity certificates for your devices to establish trust with your corporate assets using your choice of cert authorities.
- Auto update. Set update options and requirements for when to update private and Google Play Store apps within the work profile.
- Notifications and reporting. Set up automated reports for you and your upper management while adding notifications when a device fails compliance.
- Zero sign-on (ZSO). With ZSO, eliminate the need for passwords by making mobile devices the primary factor for user authentication.
- Mobile threat defense (MTD). Easily deploy threat protection with machine-learning algorithms that provide on-device phishing and threat protection. MTD also supplies reputation scores for apps in the apps catalog.
Ivanti Neurons for MDM is Android Enterprise Recommended (AER)
Ivanti is certified by Google’s Android Enterprise Recommended (AER) program, the continual seal of approval that Ivanti Neurons for MDM meets Google’s strict Android Enterprise requirements. Ivanti Neurons for MDM is Android Enterprise Recommended for the work profile, which is the primary management set used for BYO devices, proving you can trust Ivanti Neurons for MDM to manage current and future versions of Android.
A Secure Foundation for BYOD Policies
Over 59 percent of organizations already have an BYOD policy, and 13 percent are in the process of implementing BYOD. With Ivanti Neurons for MDM, you can be confident not only that your enterprise apps and data are secure on your employees’ personal devices thanks to Ivanti’s zero-trust foundation, but also that your employees’ personal data is kept private.
Learn more. Hear how Android 12’s new features improve productivity and security and how you can use Ivanti UEM to implement these new capabilities and mature your zero-trust journey. Watch the on-demand webinar.