When it comes to ensuring that your employees are handling corporate data responsibly, managing their devices is just as important as managing their online identities. This aspect of resource management is called Mobile Device Management (MDM).
Zoho One offers MDM capabilities that help you ensure that only authorized users and devices are accessing privileged resources. With Zoho One's MDM, you can:
- Enroll company-owned devices and employees' personal devices into your organization
- Distribute the necessary apps to your employees' devices
- Control what your employees can do with their devices by setting up policies and restrictions
As an IT admin, managing the lifecycle of the devices in your organization is important. You can effectively manage the entire lifecycle of a device in Zoho One. A device's lifecycle starts with being enrolled into your organization. After enrollment, a device is assigned to an employee. As the employee progresses through different designations and different teams, the permissions, apps, and restrictions of their device may change. When an employee finally leaves the organization, their device will be deprovisioned.
Enroll your devices
The first step in mobile device management is enrolling the devices of your organization's workforce. Enrollment means adding the devices to your Zoho One account so that you can manage them with Zoho One's Device Management. You can enroll iOS as well as Android devices.
If your organization provides company-owned devices to your employees, you can enroll those devices as corporate devices. If you encourage your employees to use their personal devices for work, you can enroll those devices as personal devices. You can maintain complete control over corporate devices, but only limited control over personal devices.
Learn more:
Assign users and utilize groups
Once devices are enrolled, you can assign those devices to your employees. After assigning the devices, you will be able to distribute apps and set restrictions on them. You can also use groups to configure devices in bulk. This will be helpful when you need to set up devices based on which group of users will be using them.
Learn more:
Install and manage required apps
Manually installing and managing apps in each device will be tedious and time-consuming. Using Zoho One, the app management process is automated and simplified. Once a user is given access to a Zoho app, it will be automatically installed in their devices. In the case of third-party apps, you can distribute them to devices individually or in bulk using groups. If needed, you can also remotely uninstall the required apps from the devices.
Learn more:
Control and secure devices
When you allow your employees to access your organization's resources from their devices, you have to make sure those resources are not mishandled or compromised. You can achieve this by creating guidelines to govern access and monitor device usage. These guidelines can be set up based on factors like the type of the device and the level of restrictions required for the user. For example, if you want to prevent a user from accessing and viewing unauthorized sites, you can set content filters to block them.
If a device is lost, misplaced, stolen, or compromised, Zoho One offers various methods to secure devices and protect the data on them. You can execute the following security actions in the devices to keep your data safe:
- Remote lock - Secure device data by locking a device remotely.
- Remote alarm - Trigger an alarm in a misplaced device to locate it.
- Clear/Reset passcode - Remove or reset device passcode remotely.
- Complete wipe - Erase all the data in the device including user's personal data.
- Corporate wipe - Erase all the data distributed by Zoho One (such as apps and settings)
- Lost Mode - Secure and locate a lost device.
Learn more:
Deprovision devices
When an employee leaves the organization, you can deprovision their device to erase all the corporate data on it and remove it from management. This is particularly important in the case of personal devices, as you wouldn't want an employee to access your resources after they leave. As for company-owned devices, you can deprovision, re-enroll, and assign them to another employee.
You may also want to deprovision devices when they are damaged, under repair, or out of commission in any other way so as to protect your corporate data from unauthorized access.