Which Business Apps are integrated with MDM?

rohanparakh's picture
No votes yet

Typically two kind of business Apps are in demand:
1. File sharing apps
2. Communication apps(email,chat)
3. Anti Virus/Anti Malware apps(lets not talk about iOS here)

Has anyone seen or worked on such kind of apps integrated with MDM specially for authentication purpose.
Also any MDM which provides AV too, and for all the platorms.

Lock out proxy settings?

carlie21's picture
No votes yet

Hi I am new to the forums and would like to know if anyone knows of a way or app that can lock down devices proxy server settings? I have contacted apple who say this isnt possible through xml files or the apple config tool so would like to know if anyone has come across any mdm software that can do this.

We use Ipads in Bank branches and do not want users (customers) to be able to in put a proxy server setting that could potentislly divert customer data to a personal proxy.

Any idea or comments would be much appreciated

Thanks
Carlie Mcnamee

AirWatch Supporting Mac OS X

Cooper.AW's picture
No votes yet

With this new release, IT administrators can maintain security across both iOS and Mac OS X Lion operating systems to ensure consistent policies and profiles throughout their organization. This new update also enables organizations to manage corporate liable, employee liable (BYOD) or shared Mac OS X Lion devices throughout the entire device lifecycle. As part of the company’s commitment to the Mac platforms, AirWatch plans to support the new features in Apple’s upcoming Mac OS X 10.8 release.

The initial OS X management release includes MDM capabilities for web-based enrollment; commands to remotely lock and wipe devices; and device and application list query. Support for profile management capabilities include:

• Passcode and policy settings
• Email (POP, IMAP, SMTP) and exchange settings
• Wi-Fi and VPN configurations
• Certificates and simple certificate enrollment protocol (SCEP)
• Lightweight directory access protocol (LDAP), calendaring extensions to WebDAV (CalDAV) and contact extensions to WebDAV (CardDAV)
• Webclips
• Custom profiles

http://www.businesswire.com/news/home/20120611006567/en

Check In/Out

damntech's picture
No votes yet

Hi we currently have no iOS devices deployed and are in the process of acquiring iPads and an MDM. I have demoed several MDMs all of which have different odds and ends. We are a school district and have multiple users per device with 5 times as many unique users as devices. We were wondering if there is a MDM with an over the air Check In/Out type features or features that can be crafted to make a single user device elegantly resemble the unique user environment we have in our desktop environment?

Thank You

iOS 6 Features for Businesses

No votes yet

Apple has announced iOS 6, in developer preview today and shipping this fall. The full keynote address is available. Several features announced, and/or visible from the presentation, are relevant to business. (Note the developer preview is covered by Apple's non-disclosure agreement. This site respects the NDA and we will discuss only publicly-announced information.)

Apple's voice-enabled "personal assistant" Siri is has received some tutoring. Already on the iPhone 4S, it is coming to the new iPad (3rd Gen.). It can now integrate with Open Table to make restaurant reservations, sure to impress your customers. And for business trips, Siri will be integrated into the steering wheel button for 2014-model cars from several auto makers.

Photo Stream, one of the most helpful innovations of iOS 5, now works with shared groups. Group members can then comment on photos. This is going to be a killer feature for field teams working with photos. Photo upload now works within web forms too (particularly welcome for bloggers like me!).

FaceTime, currently WiFi only, will work over cellular too. Expect your data caps to be hit very quickly. This may be a great time to plan centralized telephony management.

For meetings, the iOS Phone app (yes, it is an app) gets some enhancements as well. When a call comes in, you can choose to Answer or Decline, or "Reply with Message." There's also a "Do Not Disturb" feature to send all calls (except for favorites) direct to voicemail during particular times.

Mail gets a "VIP Inbox" and per-account signatures. Also password-protected Microsoft Office docs can now be opened.

In iOS 6 the Maps app includes turn by turn navigation, 3D maps, flyover, and Siri integration.

Accessibility is already fantastic on iOS, but even this gets improvements. Look for a kiosk mode to disable hardware buttons — possibility a useful features even for non-disabled users.

Finally, some little tidbits mentioned in a quick slide (shown above): IPv6 support over WiFi and LTE, global HTTP proxies ought to force corporate security policies.

iOS 6 is expected this fall, and will work with the following devices:

  • iPhone 3GS and later
  • iPad 2nd & 3rd Gen
  • iPod touch 4th Gen.

Connect with Mobile Iron/Air Watch

TossCoin's picture
Your rating: None (1 vote)

Hi guys, I am working for a software company, which is currently thinking about cooperating with MobileIron or possibly AirWatch. Basically my company is building a tool that allows people to create apps and we'd like to give users a "one click publish" to MDM products like Mobile Iron and AirWatch. I'm wondering if there's a way to connect the two systems to make this possible. For example, is there specific data we need to send with the app file to Mobile Iron or AirWatch?

A use case would be:

1. I create my app in my creation tool.
2. When I'm done I click a "publish" button.
3. The app is automatically saved up to the MDM.
4. The MDM administrator can use the normal process for that MDMD to
deploy it to users.

Some words please? Thanks a lot!

Meetup for iOS Administrators June 21 in NYC: What's New from WWDC

No votes yet

Who Needs WWDC?

We'll have the latest news and gossip from WWDC straight from San Francisco. Connect with your fellow iOS masters, swap stories from the trenches, kibbitz about the announcements from WWDC, and get inspired.

Thursday, June 21

 What's New from WWDC

5:30p Event Begins and Bar Opens. We will have drink tickets compliments of our sponsors.
6:30p Brief Introductions from Our Hosts
7:30p Move upstairs Ace Hotel lobby bar

Check out our afternoon event, iPad® in Business Briefing: How To Increase Revenue & Improve Employee Productivity, starting at 3:30p. Register for that event separately.

Location

Ace Hotel (Liberty Hall)
20 West 29th Street at Broadway
New York, NY 10001

Our Sponsors

Batch Apple ID Creator

Your rating: None (11 votes)

Update 2013 April 23: Greg has released the Apple ID Automation Builder as the successor to this AppleScript. Please check that out too!

Purpose & Features

Deploying a great quantity of iOS devices means creating a great quantity of Apple IDs. This script allows automated Apple ID creation from a spreadsheet. Apple IDs are created without a credit card, which is great for many deployments. There is a "dry run" feature to test the script without actually creating the Apple ID.

Requirements

  • IMPORTANT: Apple uses a velocity check to prevent too many Apple IDs from a single IP address. You must contact your Apple business representative to request that your IP address is whitelisted for a short time.
  • Being AppleScript, this runs only on Macs.
  • iTunes 10.7 is currently required. Future versions may break the script.
  • UI Scripting allows us to script otherwise non-scriptbale interfaces. Turn this on in System Preferences > Accessibility and check "Enable access for assistive devices."
  • Apple has strong password requirements. Account creation will fail if the passwords are too weak.

Instructions

A template CSV file is included. Fill out all columns, keeping the column headers, and save as CSV. Then run the script.

Security Questions

As of iTunes 10.6.1 Apple has required three security questions. The Batch Apple ID Creator allows you to choose the questions from the list below. Each question should be copied into the appropriate spreadsheet column (Security Question 1, 2 or 3) exactly as typed below.

Security Question 1

  • What is the first name of your best friend in high school?
  • What was the name of your first pet?
  • What was the first thing you learned to cook?
  • What was the first film you saw in the theater?
  • Where did you go the first time you flew on a plane?
  • What is the last name of your favorite elementary school teacher?

Security Question 2

  • What is your dream job?
  • What is your favorite children's book?
  • What was the model of your first car?
  • What was your childhood nickname?
  • Who was your favorite film star or character in school?
  • Who was your favorite singer or band in high school?

Security Question 3

  • In what city did your parents meet?
  • What was the first name of your first boss?
  • What is the name of the street where you grew up?
  • What is the name of the first beach you visited?
  • What was the first album that you purchased?
  • What is the name of your favorite sports team?

Known Bugs

Errors are not handled gracefully. Although some errors are recoverable, if the script stops, it loses track of its progress. Edit the spreadsheet to continue.

At the end of this script, Apple will send a verification email to the Apple ID. To complete verification, click the link in the message, then re-enter the account address and password.

Download

The files are downloadable from GitHub: https://github.com/aaronfreimark/Apple-ID-AppleScript Feel free to fork and improve.

Acknowledgments

This script was originally created by Enterprise iOS user Greg Moore, who works for Hope Public Schools in Hope, Arkansas. Aaron Freimark then updated the script to work with iTunes 10.6.1 and the multiple recovery questions. Discuss on EnterpriseiOS.com. This script or derivatives must not be sold. If you make it better, please give back to the community that brought it to you.

Query regarding app distribution system

manusinghal's picture
No votes yet

Hello Everyone,

I have an question regarding app distribution system via app store.
I have an app on app store which interacts with a different client-servers at various locations. It functions like version 1.0 of iphone app will be able to properly interact with version 1.0 of the client-server. Now the problem is few of my clients are late/reluctant in upgrading their server to which the iphone users connect. Once I release an update(say 2.0 ) for my iphone app there are few client-server which are still running 1.0 version. And if the end users of these clients installs the update (2.0 ) for his iphone app (unknowingly, the client-server which he is gonna connect to is still on 1.0 ), he makes his app unusable.
how to deal with these types of scenarios?

Can I develop my new updates to the application which interacts with the server before upgrading themselves OR can I develop something which automatically rolls back the update if server version mismatches?

Kindly suggest how to deal with this problem!

Would extremely grateful for your suggestions.

Many thanks,
Manu

Apple's iOS Security White Paper

No votes yet

Apple has posted a white paper on iOS Security. The document is an overview of device booting, code signing, runtime security, encryption and data protection, keychain, configuration enforcement, and Mobile Device Management.

This document provides details about how security technology and features are implemented within the iOS platform. It also outlines key elements that organizations should understand when evaluating or deploying iOS devices on their networks.

Some fun excerpts:

  • When an iOS device is turned on, its application processor immediately executes code from read-only memory known as the Boot ROM. This immutable code is laid down during chip fabrication, and is implicitly trusted.
  • If one step of this boot process is unable to load or verify the next, boot-up is stopped and the device displays the “Connect to iTunes” screen. This is called recovery mode. If the Boot ROM is not even able to load or verify LLB, it enters DFU (Device Firmware Upgrade) mode. In both cases, the device must be connected to iTunes via USB and restored to factory default settings.
  • To prevent devices from being downgraded to older versions that lack the latest security updates, iOS uses a process called System Software Personalization.
  • To ensure that all apps come from a known and approved source and have not been tampered with, iOS requires that all executable code be signed using an Apple-issued certificate.
  • At runtime, code signature checks of all executable memory pages are made as they are loaded to ensure that an app has not been modified since it was installed or last updated.
  • All third-party apps are “sandboxed,” so they are restricted from accessing files stored by other apps or from making changes to the device. This prevents apps from gathering or modifying information stored by other apps.
  • Each app has a unique home directory for its files, which is randomly assigned when the app is installed.
  • The entire OS partition is mounted read-only.
  • System shared library locations are randomized at each device startup.
  • The device’s unique ID (UID) and a device group ID (GID) are AES 256-bit keys fused into the application processor during manufacturing.
  • The UID is unique to each device and is not recorded by Apple or any of its suppliers. The UID allows data to be cryptographically tied to a particular device.
  • The “Erase all content and settings” option in Settings obliterates all the keys in Effaceable Storage, rendering all user data on the device cryptographically inaccessible.
  • By setting up a device passcode, the user automatically enables Data Protection.
  • Keychain items can only be shared between apps from the same developer.
  • Because iOS achieves a reduced attack surface by limiting listening ports and removing unnecessary network utilities such as telnet, shells, or a web server, it doesn’t need firewall software.
  • Administrators can enforce complex passcode requirements and other policies using MDM or Exchange ActiveSync,

Are iPads secure enough? This guy thinks so.

No votes yet

President Barack Obama receives the Presidential Daily Briefing from Robert Cardillo, Deputy Director of National Intelligence for Intelligence Integration, in the Oval Office, Jan. 31, 2012. Part of the briefing was done using a tablet computer. (Official White House Photo by Pete Souza)

Also, the U.S. Government is going BYOD...

Apple Data Protection

No votes yet

In the world of iOS corporate deployments, there is always a question about how the data is protected on those devices.

The Apple’s answer to that problem is called : Data Protection. A generic term that would need some explanation. I’d like to gather here the state of knowledge about that feature, so everybody can understand what « Data Protection » really is.

To make it simple, since iPhone 3GS every iOS device produced includes a dedicated AES-256 cryptographic chip that is used by the OS itself or third-party applications using some APIs.

The OS uses this chip to encrypt all data on the device using the UID (which is unique) of the device to generate the encryption key.

Data Protection is only an additional layer that allow (or force) the user, by choosing a passcode, to protect the iOS encryption key itself.

Here are some of the most interesting articles/documents on that subject so that you can get a better idea of what Data Protection really is and what it can do:

And we maintain a List of Apps that support Apple Data Protection.

(originally via iOS4Business.)

Complete List of iOS User-Agent Strings

Your rating: None (25 votes)

User-Agent strings are a standard part of HTTP used to identify a particular client to the web server. The web server can then choose to send customized content to that device.

iOS sends specific User-Agent strings that can identify the specific device and version of iOS. The following tables list the iOS UA prefixes.

User-Agent Prefixes

User-Agent prefix Apple product
Apple-iPhone/ iPhone, 3G or 3GS with iOS 3.x
Apple-iPhone1C2/ iPhone 3G with iOS 4.x
Apple-iPhone2C1/ iPhone 3GS with iOS 4.x
Apple-iPhone3C1/ iPhone 4 GSM
Apple-iPhone3C2/ iPhone 4 GSM
Apple-iPhone3C3/ iPhone 4 CDMA
Apple-iPhone4C1/ iPhone 4S
Apple-iPhone5C1/ iPhone 5 GSM
Apple-iPhone5C2/ iPhone 5 CDMA
Apple-iPhone5C3/ iPhone 5C GSM
Apple-iPhone5C4/ iPhone 5C CDMA
Apple-iPhone6C1/ iPhone 5S GSM
Apple-iPhone6C2/ iPhone 5S CDMA
Apple-iPhone7C1/ iPhone 6+ CDMA
Apple-iPhone7C2/ iPhone 6 CDMA
Apple-iPod/ iPod touch 1st, 2nd or 3rd generation with iOS 3.x
Apple-iPod2C1/ iPod touch 2nd generation with iOS 4.x
Apple-iPod3C1/ iPod touch 3rd generation with iOS 4.x
Apple-iPod4C1/ iPod touch 4th generation
Apple-iPod5C1/ iPod touch 5th generation
Apple-iPad/ iPad with iOS 3.2.x
Apple-iPad1C1/ iPad with iOS 4.2.x
Apple-iPad2C1/ iPad 2 WiFi
Apple-iPad2C2/ iPad 2 WiFi + 3G GSM
Apple-iPad2C3/ iPad 2 WiFi + 3G CDMA
Apple-iPad2C4/ iPad Mini - WIFI
Apple-iPad2C5/ iPad Mini - WIFI + LTE
Apple-iPad3C1/ iPad (3rd generation) WiFi
Apple-iPad3C2/ iPad (3rd generation) WiFi + 4G Verizon / International
Apple-iPad3C3/ iPad (3rd generation) WiFi + 4G AT&T / International
Apple-iPad3C4/ iPad (4th Gen, WiFi Only)
Apple-iPad3C5/ iPad (4th Gen, GSM, NA LTE)
Apple-iPad3C6/ iPad (4th Gen, CDMA, LTE)
Apple-iPad4C1/ iPad Air - WiFi
Apple-iPad4C2/ iPad Air - WiFi + LTE
Apple-iPad4C4/ iPad Mini with Retina Display - WIFI
Apple-iPad4C5/ iPad Mini with Retina Display - WIFI + LTE

Below is the complete list of known iOS UA identifiers.

Exchange ActiveSync Protocol

No votes yet

Exchange ActiveSync (EAS) is an XML-based protocol that communicates over HTTP (or HTTPS) designed for the synchronization of email, contacts, calendar, tasks and notes from a messaging server to a mobile device. The protocol also provides mobile device management and policy controls. (— Wikipedia, which has a useful history of Exchange ActiveSync versions.)

iOS Version Exchange ActiveSync protocol version
iOS 2.x v2.5
iOS 3.x v2.5, v12.1
iOS 4.x v2.5, v12.1, v14.0
iOS 5.x v2.5, v12.1, v14.0

Who needs WWDC? Enterprise iOS Meet-Up in New York City June 21 — Save the Date!

No votes yet

Pencil in your calendars or tap into iCal: our virtual community is going live with a flesh-and-blood (not too much blood I hope) meet-up in June 21 in New York City. Connect with your follow iOS masters, swap stories from the trenches, kibbitz about the announcements from WWDC, and get inspired. We'll have a sponsor or two so the drinks will be free!

5:30 – 8:00 PM in the Flatiron District. I will post more details very soon.

About This Site

  • Enterprise iOS is a community for administrators of the iPad, iPhone, and related devices. All content is available to browse. We encourage you to create an account to submit stories, edit wiki pages, and post to our forum.

Comparison of MDM Providers

Recent Activity

Who's New