Integration of iOS devices into the Mobile Security Portal
Last adaptation to the version: 1.5 (11.2019)
- New:
- Localization only possible for supervised devices
- Changes in the enrollment process
- Detailed description of the steps on the device
- Detailed description of the steps with MacOS for supervised devices
Technical requirements
- iPhone / iPad (min. iOS 11)
- Access to the Securepoint Mobile Security Portal
- For security reasons, Apple provides the full functionality for iOS devices only in supported mode.
Requirements for this:- Apple Mac (min. macOS 10.14 or later)
- Apple Configurator 2 (at no charge in the App Store)
- It is possible to have notifications sent automatically as soon as a device is enrolled or unenrolled.
Further information in our Wiki article.
For a large number of devices and users, it is recommended that you map the assignment using roles.
Installation on the device
The onboarding of iOS can be performed in supervised or unsupervised mode. The differences are listed in a Functional Comparison Overview.
Unsupervised device
User without access to Securepoint Mobile Security Portal
Preliminary work of the administrator in the Securepoint Mobile Security Portal: | |
---|---|
Send invite | /|
|
|
|
Administrator with access to the Securepoint Mobile Security Portal
Preliminary work of the administrator in the Securepoint Mobile Security Portal: |
---|
Register new device / iOS | /
The QR code can be scanned with the camera app.
The following steps must be executed:
- Website QR Code. open securepopint.cloud in Safari
- This website is trying t odownload a configuration profile. Do you want to allow this?
- Install configuration profile Securepoint MDM via menu Settings → Profile loaded
- Install Securepoint Mobile Security certificate and add it to the list of trusted certificates.
- Trust Remote management
Supervised device
All data, configurations and individually installed apps are deleted during this process!
The device is reset to the factory settings. Operating system updates are kept. This process is required in iOS to ensure complete control over the device and to prevent unwanted apps from being allowed or uninstalled.
Preparation
If the device has already been connected to an Apple user account, this connection must be disconnected:
- Log on to https://appleid.apple.com with the login data, used on the device.
- In the Devices section, remove the device in question.
Configuring the device
- Preparation in Apple Configurator2:
- Connect your iPhone / iPad to your Mac
- Ignore the message "A new network connection was found" with .
- Configuration of the smartphone with the steps previously configured for the iOS installation wizard.
- Allow remote management
Login to the portal
The device is now displayed in the portal and the enrollment must be completed by clicking on the device tile.
Device Alias
For better identification, the device should be given an alias name:
a0a0 (4-digit ID) (in the upper part of the device tile)
Ownership Selection
There are two different installation options for the Securepoint Mobile Security App, which result in significant differences in administration:
Owner 'COPE |
| ||||||||
Owner BYOD | Standard functional range.
|
Login
Ownership | Selection between COPE (Corperate owned, Personal enabled) |
With BYOD additionally: | |
User | Device user from the user administration. |
□ | Accept the terms of the license and privacy policy |
agree | Accepting and saving the settings |
Displays the updated properties. |