Android BYOD (EMM) Enrollment

About BYOD (EMM)

Android BYOD (Bring Your Own Device) Enrollment, also known as Android Enterprise Work Profile, is a method of enrolling personal Android devices in an Enterprise Mobility Management (EMM) system. This allows organizations to manage and secure corporate data and apps on employees' personal devices, while maintaining user privacy and keeping personal data separate from work data.

In this enrollment method, a work profile is created on the user's personal device, which acts as a separate container for work-related apps and data. This ensures that the organization can only manage and access the work profile, without interfering with the user's personal data and apps.

Android BYOD Enrollment offers several benefits, such as:

  1. Increased flexibility: Employees can use their personal devices for work, reducing the need for organizations to provide dedicated work devices.
  2. Enhanced security: Corporate data is secured within the work profile, preventing unauthorized access and data leakage.
  3. Improved privacy: Users maintain control over their personal data and apps, as the organization can only manage the work profile.
  4. Simplified management: EMM administrators can easily manage and configure work profiles, apply policies, and distribute apps to enrolled devices.

To implement Android BYOD Enrollment, organizations need an EMM solution that supports Android Enterprise, such as FileWave. The EMM solution will guide users through the enrollment process and help administrators manage and configure work profiles on enrolled devices.

Getting Started with BYOD (EMM)

The very first step before getting start with BYOD (EMM) is to setup Android EMM using our QuickStart Guide.

After going through the QuickStart Guide continue with the next steps.

  1. Download Android device policy App (https://play.google.com/store/apps/details?id=com.google.android.apps.work.clouddpc&hl=en_US)
  2. From the App scan the Enrollment QR code
  3. Add the devices to admin as normal
  4. (Observe) you will have a "Play Store" app and a "Work Play Store"

The devices will have the same icon in admin.

If the Inventory field "Is User-Owned" is True, the device is a BYOD.

I would add this as a column in the client view to more easily identify.

AND_EMM-BYOD_same.png

Enrollment Workflow (EMM)

If you have a Google Policy Fileset with Network information in it. You can select it when you generate a QR code. This inserts the information onto the device for easy enrollment.

 
EMM-WiFi.png
Figure 1.1 - WiFi selected in enrollment QR

The QR code that is generated contains the WiFi password in plain text.

DO NOT leave the QR code just sitting around.

Android EMM Location Tracking

Android EMM devices need to install a FileWave "companion" application onto the device that will send us location data. Reference Force Location for EMM Android Devices for details.


Revision #4
Created 16 June 2023 13:22:08 by Josh Levitsky
Updated 18 April 2024 13:49:08 by Josh Levitsky