What’s New with MobileIron EMM: Top Highlights of Core 9.6

We are excited to bring you another new release of MobileIron enterprise mobility management (EMM), MobileIron Core 9.6, which includes more than 30 new features focused on enhancing security, improving usability, and further strengthening our multi-OS support. Let’s take a look at several highlights of this release!

Office 365 App Protection

Thanks to MobileIron Core 9.6 compatibility with Microsoft Graph APIs, admins now have the ability to segregate Office 365 apps and data from personal apps and data on users’ mobile devices. This level of data loss prevention (DLP) is especially critical in financial services, healthcare, government, and other highly-regulated industries. MobileIron Core 9.6 provides access to the following Office 365 App Protection settings for Android and iOS devices:

  • Restrict Cloud backup — Enable/Disable backup of information from the app to the Cloud
  • Cut/Copy/Paste restriction — Enable/Disable copy/paste operations between policy-managed apps and other apps
  • Disable “Save As” — Enable/Disable the use of “Save As” in any app that uses policy. Select services data can be saved to: OneDrive, SharePoint, and Local
  • Restrict Data Transfer To/From Managed Apps —Allow/Disallow app to send/receive data to/from other apps
  • Encrypt app data — Enable encryption of app data
  • Restrict web content to Managed Browser —Any links in the app will be opened in Managed Browser if enabled
  • Disable Printing — If enabled, app cannot print protected data
  • Disable Contacts Sync —Enable/Disable saving of contacts from app to native address book
  • Disable Screen Capture — Block screen capture (Android only) and Android Assistant app scanning
  • Block Access on Jailbroken/Rooted Devices — Block apps from running on jailbroken or rooted devices
  • Wipe after Extended Offline — Wipe corporate data when a device is offline for a specified duration
  • PIN/Fingerprint for Login — Enable/Disable PIN for login to Office 365 apps

Additional macOS capabilities

MobileIron continues to expand upon our EMM capabilities for Mac desktops. Prior to this release, MobileIron Core admins were able to install only those apps made available via the Apple Mac App Store. However, with new Core 9.6, admins now have the added convenience of installing custom, in-house apps as well. In addition, several new restrictions have been added to provide admins with more granular controls for software downloads that occur via the Apple Mac App Store. Also important to mention is that additional features are now available to improve data loss prevention (DLP) for Macs. Admins can now implement disc burning restrictions to enable or disable disc burning. Plus, allowed media control helps to prevent data loss by enabling granular control of media disc operation, as well as controlling new restrictions introduced in macOS 10.13. And finally, Core 9.6 enables admins to create policies in Spaces for delegated admins in those spaces, these include macOS policies.

Google Play Alpha/Beta

Developers now have the ability to distribute early app releases using Google Play alpha/beta channels. This level of flexibility means that admins can now limit new software releases to a subset of users (i.e., early testing purposes), as opposed to pushing the release to the entire user base. Admins can easily enroll selected users for pre-release apps, and with no user interaction required. Another advantage of Google Play Alpha/Beta is that Developers are no longer forced to publish beta apps separately. In addition, developers can now take advantage of Google Play publishing tools for in-house apps.

Support for Samsung Enterprise Firmware Over-the-Air (E-FOTA)

Using Samsung E-FOTA, admins now have the ability to manage and push selected versions of device firmware to users with supported Samsung devices. There are many benefits to E-FOTA. For example, thanks to more control over device configuration, admins can minimize unplanned changes to device environments. Strict firmware policies for Samsung devices can now be enforced by model and groups. Admins can specify target firmware for bot user-selected and forced updates. In addition, admins can now manage policies by employee groups, which allows for more granular control over which firmware to update, and when.

Work Schedule policy facilitates ”Right to Disconnect” legislation

Earlier this year, “Right to Disconnect” legislation was introduced in France. Now, at the conclusion of the work day, employees have the right to ignore work-related emails until the following day. MobileIron Core 9.6 enables admins to create policies that define work schedule and enable blocking of Exchange ActiveSync, AppConnect-enabled apps, and managed apps that use MobileIron Tunnel during non-work times. The goal here is to ensure that employees maintain a healthy work/life balance. MobileIron is excited to support this effort!

SAML 2.0 and support for ADFS IdP on Admin portal and self-service user portal

MobileIron Core 9.6 enables admins to use the Core GUI to persistently configure and enable user authentication using SAML 2.0 and Active Directory Federation Services (ADFS) Server 3.0. Users who access the MobileIron Core admin portal and self-service user portal can be authenticated via an external identity provider (IdP) with Single Sign-On (SSO). Enabling ADFS on the self-service user portal reduces the potential for denial-of-service (DoS) attacks on corporate LDAP servers.

Machine learning-based MobileIron threat defense and remediation

MobileIron Core 9.6 provides a new user interface drop-down option that enables admins to distribute a MobileIron threat defense activation code via Android XML Configuration to Android devices that have the appropriate Mobile@Work client installed on them. Activation code for MobileIron threat defense on iOS devices that have the appropriate Mobile@Work client installed on them is distributed via existing plist mechanism.

There you have it, some of the top highlights of new MobileIron Core 9.6. I hope you find this brief overview to be helpful. For additional information on MobileIron EMM, be sure to download our latest product datasheet. Or even better, request your free 30-day trial today!

Matthew Law

Product Marketing Manager - Mobile Security at MobileIron

About the author

Matt Law has more than 20 years of combined experience in tech product management, product marketing and sales. Prior to joining MobileIron as a product marketing manager for mobile security, he served in similar roles in the areas of high-performance computing (HPC), backup and recovery (BAR), continuous data protection (CDP) and desktop virtualization.  A Florida native, and graduate of the University of South Florida in Tampa, Matt migrated west via Colorado, and now resides in Southern California with his wife and two children. In his spare time, he enjoys outdoor activities, loud guitars and open chords.