Android Management
• 1 min to read •
Being one of the most widely used mobile operating systems in the world, Android is prone to multiple security compromises. Accessing critical business data stored on Android devices can threaten security if hacked, stolen, or lost.
With Syxsense Android device management IT administrators and security departments can manage all of a company's and personal mobile devices, keeping them secure and the workforce flexible and productive.
It helps you set up devices with ease, secure both data and devices, and manage Android settings and applications remotely. Android management allows to:
- control Google Play apps deployment
- control hardware features such as camera, USB storage, or microphone to protect sensitive data
- control data-level leaks with feature restrictions (like a clipboard or screen-shot functions)
- set policies to enable access to corporate resources
- set password policies (updates or complexity evolving corporate standards)
Prerequisites A Syxsense Manage or Enterprise account that has 'Admin' permissions |
❶ | Click on 'Settings' in the top right corner of the screen ① > Choose 'Android Management' ②Drop-down TitleDrop-down Title |
❷ | Fill in the form with your contact information. |
❸ | Click 'Enable Android Management' ③ |
❹ | After enabling the setting you will receive your unique ID |
❺ |
After enabling the setting, choose one of the following options: ① Stop data collection and delete the assigned ID ② Temporarily discontinue the data collection with keeping the assigned ID for further reactivation ③ Enforce the data collectionDrop-down TitleDrop-down Title |
Guided walk-through: How to Set Password PoliciesGuided walk-through: How to Set Password Policies
❶ | Click on 'Mobile Management' ① > Click on 'Policies' ② > Click ③Drop-down TitleDrop-down Title |
❷ |
Configure the policy
Passwords that contain only alphanumeric or alphabetic characters are easy to discover. It is recommended to use a variety of characters to strengthen security. E.g. COMPLEXITY_HIGH will define the high password complexity band as follows:
This tab allows setting more complex requirement values:
|
❸ | Click 'Set and Deploy' ⑥ |
❶ | Click on 'Mobile Management' ① > Click on 'Policies' ② > Click ③Drop-down TitleDrop-down Title |
❷ |
Select thebutton on the toolbar and then review the Application Deployment wizard window which will open. Take the following steps:
Syxsense interfaces with the Google Play Store to provide or deny access to a particular application. Because of this interaction with the Google Play Store, we can offer a pre-built list of applications available from the Play Store, without any special configuration required. Selecting this option will open a popup window which provides a list of available applications from the Google Play Store.
Currently Syxsense supports the following Installation types: Available – Do not auto install the application but allow the install of the application from the Google Play Store. Preinstalled – Software Exists on Device Already and will be modified to match current application requirements. Force Installed – Software is automatically installed on the device when policy is deployed. Blocked – Software is not allowed to be installed on the endpoint. Required for Setup – The App is automatically deployed and cannot be removed by the user. Setup of the device will not complete until application is deployed. KIOSK – Software is installed by default and launched on the device in Kiosk mode.
This Default Permissions option regulates what permissions are assigned to an application if requested. The Default Permissions provide the following options: Prompt – Allows the user to select the permissions they want to approve for the application. Grant – Automatically allows the access requested by the application. Deny – Automatically denies the access requested by the application. Permission-Policy-Unspecified – Check for an explicitly set policy within the application policy document, and if not found, use the Prompt behavior.
Available options for this setting are: 'Connected_work_and_personal_app_dissallowed' - Forces the app to only be accessed within the work profile. 'Connected_work_and_personal_app_allowed' - Lets the user use the app from their own profile.
Currently, Syxsense supports the following update methods: Auto_Update_Default – Automatically updates the application within a few days of when the update is made available. Auto_Update_Postponed – Do not auto update the application for at 90 days after the application becomes out of date. Auto_Update_High_Priority – Update the application as soon as a new version of the application becomes available.
Currently, Android supports hundreds of explicit permissions which you can configure to allow, deny, or prompt. If you would like to review the specific permissions which Syxsense can control for an android application, please review the official Android Developer Guide: Permissions Management document provided by Google.Drop-down TitleDrop-down Title |
❸ |
Click 'Save' to finalize the application. Once saved, your new application deployment can be found within the Apps tab for the current Android deployment policy under the App ID field. |
Guided walk-through: How to Add Enforcement PolicyGuided walk-through: How to Add Enforcement Policy
❶ | Click on 'Mobile Management' ① > Click on 'Policies' ② > Click ③Drop-down TitleDrop-down Title |
❷ | To create a new Enforcement Policy select the button in the toolbar of the Android Policy builder. |
❸ |
Take the following steps:
Syxsense currently supports the following Block settings: Block_Scope_Unspecified – Blocks the setting if another policy does not supersede it. Block_Scope_Work_Profile – Blocks the setting from being modified by the work profile. Block_Scope_Device – Blocks the setting from being modified by any profile on the device.
Setting the Wipe After to 0 disables the option. Drop-down TitleDrop-down Title |
❹ | Click 'Save' to finalize the enforcement policy. |
Last Update: July, 2024
Copyright ©2024 by Syxsense, Inc. All Rights Reserved