Android Zero-Touch

Link Securepoint Unified Security Tenant (end customer) to a Gmail address registered in Google's Zero Touch portal

Requirements

Configuration

Configuration in the Securepoint Mobile Security Portal under  Mobile Security Settings of the respective end customer/tenant in the section  Android Zero Touch

Step 1: Dialog: Add Step 1: Dialog: Add
Add/Link	Opens the dialog for adding a link	Step 2 Access data for Google account Step 3 Grant access permission A security alert from Google is sent via email: "Securepoint Unified Security has been granted access to your Google account".
Step 2: Login data Step 2: Login data
Enter the access data to the Google account that was registered with the dealer when ordering mobile devices
Step 3: Grant access permissions Step 3: Grant access permissions
Grant access permission so that the portal can access the Google account as needed A security alert from Google is sent via email: "Securepoint Unified Security has been granted access to your Google account".
Step 4: Finalize Step 4: Finalize
Confirm	The Google user account has been successfully added for Zero-Touch configuration. Finish with the Confirm button.	Finish with the Confirm button
Result Result
Google account linked to Zero-Touch		Zero-Touch entry in the Settings menu

If the retailer has already stored the IMEI or serial number in Google's Zero Touch portal, the device will appear in the  Mobile Security Android Devices menu with a Zero Touch tag in the header of the device tile.

An enrollment token must be created for a profile to be applied to the device. See the Wiki article on enrollment for Android devices.
If necessary, a suitable profile must be created.

Registration in the menu  Mobile Security Android Zero-Touch

Name:	Demo TTT-Point	Configuration name	Menu for adding zero touch devices
Enrollment token	Profile: Selected profile | Token abCD12	The selected enrollment token (as created in the Devices / Enroll new device menu) will be applied to all devices enrolled with this configuration. Since sensitive data and access can be pushed with the settings, it is strongly recommended to use an enrollment token with code. This ensures that only authorized users can access the configured device.
Customer:	SecurepointCustomer	The description for the customer as it was transmitted to the device retailer. If several Gmail addresses were linked to the zero touch portal, different descriptions can be selected here.
Standard		Defines whether this configuration is the default or not. When    is enabled, new zero touch devices are automatically added to this configuration unless another is specified Note: At least one configuration should be defined as default.
Company	TTT-Point AG	Freely selectable designation for the company to which this device is to be assigned.
E-mail	admin@anyideas.de	Contact Email Address Displays on mobile during the setup process when IT Administrator is tapped on the "This device belongs to your organization" screen.
Phone number	01234-56789	Contact phone number display see above
Custom message	Welcome to TTT-Point	Shown on the display during device setup
Devices	×123456789012345	This configuration can be assigned to devices based on their IMEI or serial number The box is only active if a customer has been selected as well
Save		Saves the configuration
Zero touch configuration with assigned device

Closing by user

The end user must now switch on the device for the first time and establish an Internet connection.
The configuration from the profile is then automatically applied to the device.