WSO2 EMM v2.0.0 functionality

Question

Good day

Ime looking to bring the EMM onboard in our already successful WSO2 environment but just need some help.

1) The latest EMM (2.0.0) seem to not be able to restrict/enforce the applications a device is allowed to have installed. I want to have only white listed apps installed on a device. Is this possible?

2) If a policy disables functionality e.g. the camera, all the user has to do is click on the app, deregister from EMM and bypass the policy as needed. After the user is done he/she can just register again. This does introduce the risk of a user installing unwanted software on a COPE device thus compromising the device.

3) If you have a COPE device registered and the user uninstalls the EMM app, do you loose all the monitoring functionality and control?

Thanks in advance for you assistance. :-)

Answer 1

Please see the answers in line.

1) That whitelisting and blacklisting part is still in progress. With a future release you should be able to block the Google play app, Apple app store app etc. and enforce only the whitelisted apps to your devices.

2) Yes that is where the monitoring helps. It needs to track whether the user has removed the app or not. Anyway if you have policies created in advance and assigned it to roles with enforce selection even after they enroll again it should get pushed back to that device.

3) Yes it is. Specially in Andorid it rely on this agent app. Other platforms like iOS will have the OS based MDM capability where this will not have any effect. Anyway Android is also going towards the same profile concept in newer Android versions. Apparently we are going to support them in a future release. For the existing versions that is how Android has provided the APIs.