Category Archives: Mobile Iron

  • 0

Don’t Settle for “GOOD ENOUGH” Mobility

Category : Mobile Iron

Modern enterprises are rapidly shifting core business processes away from legacy technologies and standardizing on mobile devices and cloud services. As a result, these organizations are quickly outgrowing basic MDM capabilities and apps like email and calendar. Building a secure mobile and cloud architecture now requires a comprehensive approach to EMM to protect business apps and data running on any device, network, or cloud service.

The good news is, organizations don’t have to settle for “good enough” mobile management solutions that don’t scale to support rapidly changing mobile requirements. MobileIron is recognized leader in mobile and cloud security, and our comprehensive platform helps customers improve security, enable a more productive user experience, and scale to meet future mobile business requirements. In addition to being the enterprise choice for secure mobility, we rank in the top five for all categories of the Gartner Critical Capabilities for High-Security Mobility Management.

  • 0

MobileIron Cloud November 2017

Category : Mobile Iron

We are excited to announce that the latest release of MobileIron’s cloud-based enterprise mobility management (EMM) solution is now available on our global clusters. Let me quickly share with you some of the new features we’ve introduced!

iOS and macOS enhancements

Our product teams continue to provide controls necessary for admins to efficiently manage iOS and macOS devices using MobileIron Cloud. For example, MobileIron Cloud now supports several new mobile device management (MDM) features introduced in iOS 11:

  • Exposed iOS 11 “Files” as a managed app
  • Support for IKEv2 VPNs
  • Control AirPrint

It’s no secret that downloading or streaming music on supervised (corporate-owned) devices is typically frowned upon, perhaps considered a distraction during work hours, an unnecessary assault on the corporate data plan, or both. Using MobileIron Cloud, admins can easily enable/disable the Apple Music Restriction on supervised iOS devices. Another nice enhancement is the ability for admins to download applications from third-party vendors’ websites and import to MobileIron Cloud, where they can be managed and distributed as in-house applications. Also worth mentioning here is that new restrictions for supervised iOS 11 and macOS endpoints have been added. Admins can now enable/disable AirPrint, Allow AirPrint iBeacon Discovery and Require Trust TLS for AirPrint. Each of these restrictions helps improve security for the organization. And finally, I’d like to point out that MobileIron Cloud now allows admins to manage their own Spaces, and distribute apps according to their organizational needs. For example, organizations can procure apps with their own Apple APP Tokens in their Spaces.

Android and Android enterprise

Now, I’d like to tell you about some new enhancements MobileIron Cloud brings to the table for Android and Android enterprise. Admins can allow users to modify Date and Time, as well as Cellular Settings in Android Kiosks. Why is this important? Because enterprises deploying Android kiosks in different countries can now allow users to manage their date and time settings (especially the time zone), as well as the cellular settings for devices connected to manage their cellular connectivity. Why is this important? Because Wi-Fi-only devices typically have no way of automatically synchronizing time zones. So, the Date/Time setting allows users to manually configure the time zone. Similarly, the Cellular settings allows users to turn on and turn off roaming settings (on selected devices) in Kiosk mode. And last, but certainly not least, MobileIron Help@Work enables the Help Desk staff to view and remotely control devices deployed with Android enterprise. The end result is improved support, with faster mean-time-to-resolution (MTTR).

Windows 10

So, as you’ve seen above, this release of MobileIron Cloud includes a good number of features for iOS, macOS, Android, and Android enterprise. What about Windows 10? Well, this release does not include a bunch of new features for Windows 10. However, I can tell you about one that comes in quite handy. Often, there are apps pre-built into a Windows 10 OS instance? that admins simply do not want to have on their users’ devices. Think XBox, Candy Crush Saga, and other apps that really have no business being on a business computer. What’s nice is that with MobileIron Cloud, admins can easily remove Windows 10 desktop “bloatware” by using MobileIron Bridge. Super easy and a nice time saver that helps to provide an even better experience both for admins and the Windows 10 users they support.

So, there you have it, a quick snapshot of the new features and benefits introduced in our latest release of MobileIron Cloud.


Author: Mathew Law

  • 0

MobileIron Creates New Internet of Things Division

Category : Mobile Iron

MobileIron, the security backbone for the digital enterprise, today announced that it has formed an Internet of Things (IoT) division which will focus on building an end-to-end chain of trust from sensor to app to gateway to cloud to network. The company also announced that Santhosh Nair has joined MobileIron as VP IoT to lead the division. He will work closely with MobileIron co-founder and Chief Technology Officer Suresh Batchu. MobileIron is targeting having an IoT product ready for sale later this year. Bain & Company estimates that by 2020 IoT vendor revenue could exceed $470 billion.

The announcement was made this morning at MobileIron’s Analyst Day. A live audio webcast of the presentation may be accessed by visiting the Investors page of the MobileIron corporate website at A replay of the presentation will be available for one year following the presentation.

Many existing IoT systems have significant limitations because they are highly customized and inflexible, which makes them hard to configure and expensive to maintain over the system’s lifecycle. MobileIron’s IoT platform will be designed to:

  • Use a standards-based, open systems approach for interoperability;
  • Deliver scalable, automated lifecycle management to mitigate against the possibility of human errors;
  • Protect the integrity and the security of petabytes of moving data; and
  • Provide continuity for systems that are too critical to fail.

“There’s been a lot of hype around the Internet of Things and most of it is just that: hype. The mistake that a lot of companies make with IoT is that they start by looking at the problem from the sensor up,” said Barry Mainz, President and CEO, MobileIron. “Our customer-focused approach is exactly the opposite. Over the last year, we have worked hand-in-hand with our customers and global operator partners to understand how companies want to use IoT and what challenges they face. As a result, we have defined specific use cases in healthcare, energy, manufacturing, and automotive where we can help our customers. This creates a tremendous opportunity for us.”

The Internet of Things is the next frontier of the Information Age. IoT automates core business workflows by digitizing the collection of data in order to gather insights that drive physical action. Enterprise computing happens at the network edge and in the cloud to reduce latency. The consequences of inaccurate information or inappropriate action can be costly (supply chain disruption), dangerous (a pipeline leak), or deadly (medical errors). In IoT, scale and security are critical. MobileIron’s goal is to provide a unified platform and a single pane of glass to secure and manage IoT services.

MobileIron’s IoT solution applies the company’s software leadership and innovation to this new market opportunity. MobileIron’s three-point architecture of policy engine, edge client, and network gateway is directly applicable to the challenges of IoT deployments. Administrators automate rules using the policy engine. The edge client enforces actions on the IoT gateway and monitors security posture. The network gateway ensures that IoT data is transmitted securely and not susceptible to man-in-the-middle attacks. And all these actions are done at massive scale.

Joining MobileIron to lead the new division is Santhosh Nair. Santhosh brings more than 20 years of international experience in strategy, engineering and product management. He joins from Wind River, an Intel company, where he was the Vice President & General Manager of the IoT business unit and managed key customer relationships across broad markets. Prior to Wind River, he spent over 15 years at GE Healthcare culminating in his role as Worldwide Product Manager for the $1.5B Computed Tomography (CT) business. He holds an MBA in Strategy & Marketing from Northwestern University Kellogg School of Management and a BTech in electronics and telecommunications from Government College of Engineering, Trivandrum, India.

“When I met with the team at MobileIron, I was impressed with their insights on the Internet of Things and I’m excited to turn these insights into execution,” said Santhosh Nair, VP, IoT, MobileIron. “Enterprise endpoint security is critical to the successful adoption of technologies for the Internet of Things and many of MobileIron’s engineering innovations are directly applicable to IoT. I believe we have a big opportunity and a huge market lead.”


  • 0

What’s New with MobileIron EMM: Top Highlights of Core 9.6

Category : Mobile Iron

We are excited to bring you another new release of MobileIron enterprise mobility management (EMM), MobileIron Core 9.6, which includes more than 30 new features focused on enhancing security, improving usability, and further strengthening our multi-OS support. Let’s take a look at several highlights of this release!

Office 365 App Protection

Thanks to MobileIron Core 9.6 compatibility with Microsoft Graph APIs, admins now have the ability to segregate Office 365 apps and data from personal apps and data on users’ mobile devices. This level of data loss prevention (DLP) is especially critical in financial services, healthcare, government, and other highly-regulated industries. MobileIron Core 9.6 provides access to the following Office 365 App Protection settings for Android and iOS devices:

  • Restrict Cloud backup — Enable/Disable backup of information from the app to the Cloud
  • Cut/Copy/Paste restriction — Enable/Disable copy/paste operations between policy-managed apps and other apps
  • Disable “Save As” — Enable/Disable the use of “Save As” in any app that uses policy. Select services data can be saved to: OneDrive, SharePoint, and Local
  • Restrict Data Transfer To/From Managed Apps —Allow/Disallow app to send/receive data to/from other apps
  • Encrypt app data — Enable encryption of app data
  • Restrict web content to Managed Browser —Any links in the app will be opened in Managed Browser if enabled
  • Disable Printing — If enabled, app cannot print protected data
  • Disable Contacts Sync —Enable/Disable saving of contacts from app to native address book
  • Disable Screen Capture — Block screen capture (Android only) and Android Assistant app scanning
  • Block Access on Jailbroken/Rooted Devices — Block apps from running on jailbroken or rooted devices
  • Wipe after Extended Offline — Wipe corporate data when a device is offline for a specified duration
  • PIN/Fingerprint for Login — Enable/Disable PIN for login to Office 365 apps

Additional macOS capabilities

MobileIron continues to expand upon our EMM capabilities for Mac desktops. Prior to this release, MobileIron Core admins were able to install only those apps made available via the Apple Mac App Store. However, with new Core 9.6, admins now have the added convenience of installing custom, in-house apps as well. In addition, several new restrictions have been added to provide admins with more granular controls for software downloads that occur via the Apple Mac App Store. Also important to mention is that additional features are now available to improve data loss prevention (DLP) for Macs. Admins can now implement disc burning restrictions to enable or disable disc burning. Plus, allowed media control helps to prevent data loss by enabling granular control of media disc operation, as well as controlling new restrictions introduced in macOS 10.13. And finally, Core 9.6 enables admins to create policies in Spaces for delegated admins in those spaces, these include macOS policies.

Google Play Alpha/Beta

Developers now have the ability to distribute early app releases using Google Play alpha/beta channels. This level of flexibility means that admins can now limit new software releases to a subset of users (i.e., early testing purposes), as opposed to pushing the release to the entire user base. Admins can easily enroll selected users for pre-release apps, and with no user interaction required. Another advantage of Google Play Alpha/Beta is that Developers are no longer forced to publish beta apps separately. In addition, developers can now take advantage of Google Play publishing tools for in-house apps.

Support for Samsung Enterprise Firmware Over-the-Air (E-FOTA)

Using Samsung E-FOTA, admins now have the ability to manage and push selected versions of device firmware to users with supported Samsung devices. There are many benefits to E-FOTA. For example, thanks to more control over device configuration, admins can minimize unplanned changes to device environments. Strict firmware policies for Samsung devices can now be enforced by model and groups. Admins can specify target firmware for bot user-selected and forced updates. In addition, admins can now manage policies by employee groups, which allows for more granular control over which firmware to update, and when.

Work Schedule policy facilitates ”Right to Disconnect” legislation

Earlier this year, “Right to Disconnect” legislation was introduced in France. Now, at the conclusion of the work day, employees have the right to ignore work-related emails until the following day. MobileIron Core 9.6 enables admins to create policies that define work schedule and enable blocking of Exchange ActiveSync, AppConnect-enabled apps, and managed apps that use MobileIron Tunnel during non-work times. The goal here is to ensure that employees maintain a healthy work/life balance. MobileIron is excited to support this effort!

SAML 2.0 and support for ADFS IdP on Admin portal and self-service user portal

MobileIron Core 9.6 enables admins to use the Core GUI to persistently configure and enable user authentication using SAML 2.0 and Active Directory Federation Services (ADFS) Server 3.0. Users who access the MobileIron Core admin portal and self-service user portal can be authenticated via an external identity provider (IdP) with Single Sign-On (SSO). Enabling ADFS on the self-service user portal reduces the potential for denial-of-service (DoS) attacks on corporate LDAP servers.

Machine learning-based MobileIron threat defense and remediation

MobileIron Core 9.6 provides a new user interface drop-down option that enables admins to distribute a MobileIron threat defense activation code via Android XML Configuration to Android devices that have the appropriate Mobile@Work client installed on them. Activation code for MobileIron threat defense on iOS devices that have the appropriate Mobile@Work client installed on them is distributed via existing plist mechanism.

There you have it, some of the top highlights of new MobileIron Core 9.6.


Author: Matthew Law

  • 0

Secure Mobile Content Management (MCM) Keeps Data Safe and Business Moving

Category : Mobile Iron

Employees stay productive wherever they work with secure, anytime access to essential business content. With secure mobile content management (MCM) software, IT can protect confidential business information necessary to support today’s modern work style, without slowing down business productivity. That means employees can access critical business content and collaborate seamlessly across any network, on any mobile device, or desktop without security prompts interrupting their workflow.

Secure access to enterprise file synchronization and share systems (EFSS)

Protect access to EFSS systems via a secure mobile content repository that encrypts data locally, supports document annotation and editing, connects securely to back-end content storage and provides IT visibility into information stored on mobile devices.

  • Authorize access to both on-premises and cloud EFSS systems like Sharepoint, Office 365, and Box.
  • Integrated annotation and editing capabilities allow users to review and annotate documents on any device.
  • Automatically publish important documents and media to employee devices.
Secure access to enterprise file synchronization and share systems (EFSS)

Prevent data loss on mobile devices and desktops

Mobile content security policies and controls prevent unauthorized sharing and allow IT to remotely wipe data if the device doesn’t comply with corporate security requirements.

  • Use a single console to configure and enforce data loss prevention (DLP) policies such as open-in and copy/paste restrictions.
  • Leverage FIPS 140-2 validated encryption to protect content stored on mobile devices.

  • 0

Why we’re excited about Google Zero Touch provisioning

Category : Mobile Iron

Recently Google announced support for Zero Touch Provisioning. The announcement understandably generated quite a bit of excitement throughout the industry and especially among MobileIron customers. We’ve always felt that, although we’ve made leaps and bounds over the years in simplifying the Android enrollment process, there has always been “room for improvement.” Zero Touch Provisioning is the hallmark of a new era in Android device security, since it makes enrollment into an EMM simple and intuitive.

How it works

With Google’s new “ZTP” feature, when devices are purchased by an organization through an approved reseller, IMEI’s or serial numbers are transmitted to the Android Zero Touch Portal. An approved admin can then assign a configuration to the device, for instance, directing a device to enroll with a pre-populated username to MobileIron Cloud or Core. An Over-The-Air enrollment will occur on brand new devices or after a device has been reset to factory defaults. Admins can also decide whether Google’s system apps will appear on a device and streamline the onboarding process by reducing the number of steps needed to enroll a device.

Zero Touch Enrollment

Image Courtesy:

Devices that register with ZTP become fully managed and owned by the organization, which means that admins have greater control over the devices and heightened capabilities like the option to deploy apps silently or create kiosks on the device.

Today, Zero Touch Enrollment is supported on Google Pixel and Pixel 2 devices running Android 7.0 or newer. We’re also beginning to see resellers and OEM partners announce support for the new standard for 8.0 devices, with Huawei recently announcing support for the Mate 10 and Sony for the Xperia XZ1 and XZ1 Compact. Not all Android 8.0 devices support Zero Touch, so be sure to check with the manufacturer or with Google to see if they will be supporting this important new capability.

For the latest list of approved resellers and devices and instructions on how to participate in Zero Touch Provisioning, please be sure to check out these links from Google:

Want to learn more?

MobileIron customers can take advantage of materials published to our Community portal and check out a video overview in our Zero Touch Provisioning Guide.

We’d also recommend checking out this article from which includes a video demonstrating Zero Touch enrollment of a Sony device on MobileIron Core. Zero Touch provisioning is supported today on both MobileIron Cloud and Core.


Author: Russ Mohr

  • 0

MobileIron Bridge

Category : Mobile Iron

Modern desktop security and management with the granular controls you need

MobileIron Bridge allows you to use modern management techniques to solve for the right desktop use cases. Now you can enjoy low touch, agile IT operations while ensuring strong security and over-the-air management across all your modern endpoint.

Closing the EMM gap

MobileIron Bridge is the first solution to unify mobile and desktop operations for Windows 10 using a single console and communications channel so you can provision, secure, and manage Windows 10 PCs more cost-effectively and with greater agility.

  • Enforce actions from existing Powershell scripts
  • Deploy non-MSI applications through an enterprise app store
  • Define a peripheral device
  • See the software on the device
  • Edit and manage the registry
  • Manage the file system and create desktop shortcuts
  • Determine hardware connected to the device
  • Remove bloatware from the device including system apps

More info:


  • 0

MobileIron and Zimperium to Deliver First Real-Time Detection and Remediation for Mobile Threats

Category : Mobile Iron

MobileIron, the security backbone for the multi-cloud enterprise, and Zimperium, the global leader in enterprise mobile threat defense (MTD), today announced that MobileIron will integrate Zimperium’s machine learning-based threat detection with MobileIron’s security and compliance engine and sell the combined solution. This integration will address one of the most significant mobile security gaps faced by enterprises: the ability to detect device, network, and application threats and immediately take automated actions to protect enterprise data.

Interest in mobile threat detection is high but adoption is just starting
Despite the rise of high-profile mobile attacks such as Broadpwn and BlueBorne, MobileIron’s Mobile Security and Risk Review found that less than 5% of enterprises around the world have implemented anti-malware solutions. However, enterprise interest is growing.

“Mobile attacks are growing at a rate of more than 100% over the last two years and we’ve seen a corresponding rise in IT department interest in mobile security and mobile threat defense in particular,” said Nicholas McQuire, Vice President Enterprise Research at CCS Insight. “According to our latest 2017 Workplace Technology Survey fielded in August, over 35% of IT decision makers now list device security, malware and threat protection as the biggest priorities for investment in enterprise mobility and security in 2017. In our view, the integration of EMM and MTD is crucial in addressing customer needs today and is also an important area of innovation for leading technology suppliers in the future.”

Partnership will close the gap between time of detection and remediation
Zimperium delivers zero-day, machine learning and behavioral-based detection on the device itself, as opposed to other vendors that require signatures or cloud lookups. This eliminates the delay of pure cloud lookup solutions and ensures devices are protected whether they are connected to a network or not, and even during a Man-in-the-Middle (MITM) attack. With the new integration, once Zimperium’s engine detects a threat, MobileIron can take an immediate and automated remediation action—without having to rely on a cloud query.

Integration makes it simple to deploy mobile threat detection
“User experience and security must work hand-in-hand in enterprise mobility,” said Barry Mainz, President and CEO, MobileIron. “With this integration, both employees and IT can feel confident they are protected against mobile threats without employees being required to take a single action.”

“With this partnership, customers get two best-of-breed products in an integrated experience: Zimperium for detection and MobileIron for remediation,” said Shridhar Mittal, CEO, Zimperium. “Zimperium’s machine learning engine has detected every major mobile exploit for the past several years even before the exploits being announced. With MobileIron’s advanced remediation capabilities, customers will have the most immediate response to malicious activity, supported by enterprise grade forensics.”


  • 0

MobileIron adds Apple macOS features to its enterprise mobility management tools

Category : Mobile Iron

The Apple Release from MobileIron gives a nod to enterprises that are increasingly adopting Macs but not managing them through central IT systems.

MobileIron launched its Apple Release that will integrate the macOS and add zero day compatibility support for iOS 11, which will launch in September.

The Apple Release from MobileIron gives a nod to enterprises that are increasingly adopting Macs, but not managing them through central IT systems.

MobileIron’s Apple Release will allow data protection on the Mac by securing application delivery and configurations. MobileIron Tunnel, which provides per app VPNs, is included along with cloud trusted access tools.

Apple Release features will include:

  • macOS support for the MobileIron Access and Tunnel tools
  • Policies to define which apps employees can download
  • MobileIron app distribution tools for the macOS as well as Apple’s Volume Purchase Program and Device Enrollment Program
  • In-house app support for software not in Apple’s Mac App Store
  • Pre-defined compliance actions
  • Restrictions through Sierra 10.12 release
  • And custom configurations

MobileIron supports Android, iOS, macOS, and Windows 10 for its enterprise mobility management platform.


  • 0

MobileIron Access Wins CyberSecurity Breakthrough Award for Application Security Solution of the Year

Category : Mobile Iron

MobileIron (NASDAQ:MOBL), the security backbone for the multi-cloud enterprise, today announced that MobileIron Access has been selected as winner of the Mobile Security “Application Security Solution of the Year” award from CyberSecurity Breakthrough, an independent organization that recognizes the top companies, technologies, and products in the global information security market today.

There are a variety of security risks that exist between devices and apps and the services to which they connect. For example:

  • Jailbroken device: An employee uses Office 365 mobile app to access business data from a jailbroken device. Business data is now on a hacked device.
  • Unauthorized Mac or PC: An employee syncs Google Drive files to a personal computer. Business data is now on an unsecured device.
  • Unauthorized cloud app: A salesperson downloads one of the dozens of apps that use APIs to connect to the cloud service. Business data is now in an unsecured mobile app.

The critical link between the mobile app and the cloud service, MobileIron Access solves these security risks by acting as a gate on the authentication path between the user and the cloud data. With MobileIron Access, only trusted users on trusted devices using trusted applications can get to that data. Untrusted users, apps, and devices are blocked.

“We believe we are the first to solve this problem and are proud to see MobileIron Access recognized by CyberSecurity Breakthrough,” said Barry Mainz, President and CEO, MobileIron. “Identity solutions and cloud gateways alone are insufficient because they lack visibility and control over the security posture of mobile devices and apps. MobileIron Access is the next generation of cloud security and lets our customers confidently expand their use of cloud services.”

The mission of the CyberSecurity Breakthrough Awards is to honor excellence and recognize the innovation, hard work and success in a range of information security categories, including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Email Security and many more. This year’s program attracted more than 2,000 nominations from over 12 different countries throughout the world. All nominations were evaluated by an independent panel of experts within the information security industry.