Device Management made easy with Automation

We are living in a world where everything around us is getting automated at a rapid pace. Some may even refer to this era as the Dawn of Automation. The concept of automated device management has also moved up to a level that allows IT administrators and end-users to let out a huge sigh of relief. Device management is by no means an easy piece of work considering the substantial number of devices managed by an IT admin. Like seriously, imagine looking after hundreds, maybe thousands of devices. Sounds like the opposite of easy, right? This is why Mobile Device Management (MDM) solutions like Hexnode turned to automation; To Simplify Device Management.

Different Steps in Automated Device Management

Steps in Automating Device ManagementIn automated device management, the device is enrolled and configured via any of the previously mentioned enrollment methods. After deployment, Hexnode MDM utilizes Dynamic groups to push policies and hence configuring devices based on expressions you create. Then there are Geofences, Scheduling reports, Periodic device location scans and many more automated device management features about which we’ll talk about later. When the device attribute changes, it might be moved out of the dynamic group, hence losing the previous configuration and acquiring a new one. If the device gets wiped, it’ll get re-enrolled and can be set to regain its prior configurations. Hexnode aims to employ all these attributes to simplify device management.

Automated Enrollment Programs

Device Enrollment Program (DEP)

Apple Business Manager

Integrating ABM with an MDM solution like Hexnode allows them to live out their full potential. When a device is added to the ABM portal, it gets enrolled to Hexnode, provided Hexnode is set as the default server. When connected to a network, the device gets enrolled, and the policies that you assigned to the device will be pushed automatically. The cool bit is that even if you wipe your device, on reboot, the device gets re-enrolled to the server along with its initial configurations. Those configurations will keep following you until the device is removed from under that server.

Android Zero-Touch Enrollment (ZTE)

Knox Mobile Enrollment (KME)

Grouping and Configuring Devices with Dynamic Groups

The dynamic groups
in Hexnode MDM allow you to stack multiple conditions over each other and create exceptions (which can also be stacked), enabling you to create a highly selective group. Hexnode acknowledges the use of various attributes based on compliance information, device ownership and operating system to craft these conditions and exceptions.

Creating a Dynamic Group

Creating a Dynamic Group
Creating a Dynamic Group

This group is configured such that it only adds devices whose operating system is either Android or iOS with a battery level greater than 30% and is compliant. The exception states that the user of the device cannot be from the Marketing department. Using these conditions, you could get really specific and creative. Pretty cool, right?

These groups also have an auto-syncing feature, so new devices that align with the conditions set would get added. The ones that no longer satisfy the said conditions would move out of the group without the user having to do anything.

So, you’ve created a dynamic group. But why exactly do you need it? It is used so that you can target specific devices with specific policies. Hexnode MDM offers a vast set of configurations that we can push onto the enrolled devices, and with Dynamic groups, you’ll have no difficulty in targeting those specific devices. Since the devices in the group are not fixed, the policy targets are not fixed either. So, with this combination, configurations would be pushed onto the devices only when they satisfy the conditions, and when they no longer do, the policies will be removed.

Policies involving company resources like Wi-Fi, VPN and email configurations, if associated with dynamic groups, can act as an extra layer of security as these configurations would get disengaged once any of the conditions suggest the device has been compromised. We can also use dynamic groups in combination with Geofences, which means we can revoke or grant-specific provisions to the devices based on whether they are in or out of the fence. So, policies can also be configured to get disengaged if the users move out of the office premises.


Creating a Geofence
Creating a Geofence

Either existing Geofences can be used, or the admin can create new geofences. Geofences are used from the policy tab, or you can include or exclude a fence as a condition while creating a dynamic group.

Additional Automation

Scheduling Reports

It can be quite a pain to navigate to each report in the portal, but it’s also vital to peruse them for anomalies. Hexnode suggests scheduling them so that they can periodically reach your mail. Using this feature would reduce the time taken to access these reports, and it would also act as a reminder if you forget about them.

Periodic location scan

When a company device is lost or misplaced, it’d be great if you knew where it is or at least where it was last seen. Sometimes when employees are doing some tasks outside the office with a company device, you might want to know what they are up to. You definitely don’t want them out on some amusement park joyrides. Hexnode offers to keep an eye on your devices by doing periodic scans and submit detailed reports with time charts.

Data tracking and Reports

Hexnode can track total or app-wise data used by an enrolled device so that when a device is using too much data on something which is not a work app, you’d know. A total or app-wise report can also be scheduled to be sent onto the configured email.

Mandatory Applications

You can have mandatory apps installed on your employees’ devices so that these apps would get automatically installed and updated. Deleting these apps would result in the device losing compliance, and we can re-push it again on the device.

Work profile- container removal

Hexnode provides another feature to remove the work container from the device if it loses its compliance. This feature could be useful if the device is lost or is in someone else’s possession. Losing the container would mean losing all work-related apps and information, hence eliminating chances of data leaks.

Upcoming features — Time based policies

Hexnode is trying to bring in a new factor while configuring policies and actions — time. By bringing in time, many possibilities can be brought to life, like scheduling pushing, and removing policies and actions. By coupling it with other automated device management features like dynamic groups and geofencing, we could take automation to a whole new level.

The entire concept of Device Management is to provide solutions to manage devices easily. And if you try to look forward in time, one can say with utmost certainty that the number of devices needing management is bound to increase. Integrating automation with this seemingly ever-growing task of managing devices is now becoming less of an add-on and more of a necessity. Automated device management can provide a simpler and more convenient experience to its users while displaying significant improvements in efficiency, possibly making your life a little less busy.

Hexnode MDM is an award winning Enterprise Mobility Management vendor which helps businesses to secure and manage BYOD, COPE, apps and content.