BrowserControl from Slack and MobileIron

If there’s one thing Covid-19 has taught enterprises, it’s that they can still achieve productivity with their employees working remotely. Organizations can embrace work-from-home policies and provide appropriate tools to augment employee efficiency and throughput, without compromising on security. Productivity and collaboration applications have been essential to maintaining communications, ensuring connectivity and increasing productivity during this pandemic. What’s more, by using MobileIron’s unified endpoint management (UEM) platform, organizations can securely deploy these critical productivity and collaboration applications.

Customers can manage and deploy the Slack for Enterprise Mobility Management (EMM) application through MobileIron’s UEM platform, push security configurations and enable end users on mobile endpoints to log in seamlessly. It’s a completely low-touch experience that allows IT to increase security while empowering employees to remain productive.

As a member of the AppConfig community, Slack offers the Slack for EMM app which supports managed app configuration. In this post, I’ll touch on the latest AppConfig updates for the Slack for EMM app and the app’s important new feature called BrowserControl, which is supported by MobileIron UEM. Using Slack’s latest AppConfig specification or key value pairs (KVPs), the Slack for EMM app can be set up with various configurations remotely from a UEM platform like MobileIron. These configurations are now visible in the MobileIron UEM (Core and Cloud) console.

Administrators can set up the app configurations after importing the Slack for EMM app in MobileIron UEM (Core and Cloud) and deploy the app configurations en masse to all managed devices effortlessly. To gather more information about EMM support for Slack and the various app configurations that are supported, please go here. A quick snapshot of the configurations can also be found below.


Photo 1


One of the most important features included in the latest Slack for EMM app is called BrowserControl. It can be configured through an AppConfig key from MobileIron’s UEM console. This key, when configured, mandates the Slack for EMM app user to work with specific browsers, such as MobileIron Secure Browser (Web@Work), to sign in and access any links from Slack. If the deployment is on an Android device, running on Android Enterprise mode, the Chrome browser is used.

In both cases (IOS or Android), the traffic from MobileIron Web@Work or Chrome browser (running inside the container) is secured by the MobileIron Tunnel app. A typical use case for this feature is when an organization has Slack federated with an identity provider (IdP), but the IdP is not exposed externally to the internet. In such cases, the Slack for EMM app, at the time of sign-on, leverages either MobileIron Web@Work or Chrome along with MobileIron Tunnel to allow a secure VPN into the network and communicate with the IdP. The browser will hand over the token issued by the IdP back to the Slack for EMM app, which it will use to provide a single-sign-on (SSO) experience to the user. Below is the configuration for the Slack for EMM app, as seen on MobileIron Core.


Photo 2


A short video on showing the experience by end user device on IOS during Sign-on (SSO)



Click here to learn more or to quickly enable your workforce by enrolling an unlimited number of new users and devices in MobileIron UEM at no additional cost through June 15, 2020.

Kalyan Vishnubhotla

Business Development Lead - Technology Integrations

About the author

Kalyan works as a lead at Mobileiron's Business and Corporate Development unit, specializing in technology integrations, developer relations and security.