Help Center
14 DAY FREE TRIAL
Search Close Search
Search result for "aa"
View all results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Managing Android Devices
  3. Security

Category filter

Deploy Threema Work app configurations

Jump To

Threema Work is a secure, GDPR-compliant instant messaging solution designed for businesses to facilitate fast, safe, and efficient communication among employees. With end-to-end encryption, Threema Work is an ideal tool for securely exchanging confidential and sensitive information. This guide explains how to deploy the Threema Work app to iOS devices using Hexnode UEM for seamless and secure communication within your organization.

Threema Work is a secure and user-friendly messaging solution for businesses and organizations. Designed for seamless corporate communication, it ensures confidential information exchange through instant messaging while meeting the strict requirements of the EU General Data Protection Regulation (GDPR).

With end-to-end encryption safeguarding all communications, including group chats, voice calls, and video calls, Threema Work offers unparalleled security for sensitive company data.

Hexnode UEM enables the remote installation, deployment, and configuration of the Threema Work app on your Android devices, ensuring a secure and efficient messaging environment across your organization. The sections below provide a detailed guide on deploying Threema Work to Android devices using Hexnode UEM.

Steps to deploy Threema Work

Adding a License for MDM System

If your company uses managed devices, you’ll need to add a license for the MDM system.

  1. Log in to Threema Work Admin Console.
  2. Navigate to Enter Management Cockpit > User Management.
  3. Click Add or Add First Users and select License for MDM System.
  4. Set a username and password as desired.
    1. You can save the password in plain text or as a hash.
      1. Plain text: Allows password retrieval later. To do this, navigate to User Management > License for MDM Systems, locate the specific license, click its vertical ellipsis icon, and select Copy Password from the dropdown.
      2. Hash: Provides additional security but prevents password recovery from the Threema Work Admin Console.
  5. Specify the number of licenses required for the devices that will use Threema Work.

This process will successfully create a license for your MDM system.

Adding the Threema Work app to Hexnode UEM

  1. Log in to the Hexnode UEM Console.
  2. Navigate to the Apps tab.
  3. Click + Add Apps and select Managed Google Apps from the dropdown.
  4. In the dialog box, search for the “Threema Work. For Companies” app and click Select.

Configuring the managed Threema Work app configurations within the Hexnode UEM console for Android

This adds the Threema Work app to the list of managed apps in Hexnode UEM.

Deploying the app

  1. Go to the Policies tab.
  2. Click Device Polices > New Policy > Create a fully custom policy to create a new one or select an existing policy to edit.
  3. Enter the Policy Name and Description in the provided fields.
  4. Navigate to Android > App Management > Required Apps and click Configure.
  5. Click +Add > Add App and search for the “Threema Work. For Companies” app.
  6. Select the app and click Done.

Configuring app settings

  1. Under App Configurations, click Configure to set up the Threema Work app.
  2. Click +Add New Configuration, choose the “Threema Work. For Companies” app, and click Select.
  3. From the app configuration screen displayed, configure the required settings.

    You’ll have the following features to be configured.

    Settings Description
    Corporate License Username Set the license username for the device.
    Corporate License Password Set the license password for the device.
    Nickname Specify the nickname. It appears in contact details and push notifications.
    First Name Specify the first name of the user.
    Last Name Specify the last name of the user.
    Customer Specific Identifier (CSI) Specify the CSI. This can be any value (e.g., an internal employee ID). It appears in the management cockpit and company directory and helps uniquely identify employees, especially in cases of similar names.
    Category Specify the user category (e.g., group, department).
    Email Specify the email address linked to a Threema ID. It is used for contact synchronization.
    Phone Specify the phone number linked to a Threema ID. Must be in international format (e.g., +41555114900). It is used for contact synchronization.
    Contact Sync Enable to allow synchronization with the local address book.
    Readonly Profile Enable to prevent the user from editing their nickname, profile picture, linked email/phone, exporting or deleting their ID, and setting an ID revocation password.
    Block Unknown Contacts Enable to block messages from users who are not in the device’s contact list.
    ID Backup String Provide precalculated key pairs (Threema IDs) to restore ID backups (also referred to as “ID exports” in newer versions).
    ID Backup Password Set the password used to decrypt the ID Backup String.
    Disable Save to Gallery Enable this option to prevent saving of unencrypted media to the device’s gallery.
    Disable Screenshots Enable this option to block screenshots and prevent thumbnail previews in Android’s app switcher.
    Disable Add Contact Enable this option to disallow manual addition of new contacts.
    Disable Backups Enable this option to disable both data and cloud backups.
    Disable Export Enable this option to prevent the export of chat history.
    Disable Message Previews Enable this option to hide message content in push notifications.
    Disable Send Profile Picture Enable this option to prevent sharing of the user’s profile picture with others.
    Disable Threema Calls Enable this option to block both incoming and outgoing Threema calls.
    Skip Setup Wizard Enable this option to skip the setup wizard when the app is launched for the first time.
    Disable Group Creation Enable this option to prevent users from creating new groups.
    Enable Threema Safe Backups Enable this option to enforce Threema Safe backups during app setup.
    URL for Threema Safe Server Specify the base URL of the Threema Safe server. The default server will be used if not specified.
    Username for Threema Safe Server Specify the username for Threema Safe server authentication, if required.
    Password for Threema Safe Server Specify the password for Threema Safe server authentication, if required.
    Password for Threema Safe Specify the password used to encrypt or decrypt Threema Safe backups.
    Enable Threema Safe Restore Option Enable to allow restoring from Threema Safe during the setup wizard. If a Threema ID is specified, the restore process will start automatically.
    Threema ID to Restore from Threema Safe Specify the Threema ID to be restored during setup.
    Disable Threema Web Enable to disable access to Threema Web feature.
    Disable Multi-Device Enable to prevent linking the app with additional devices.
    Disable ID Exports/Backups Enable to block users from creating ID exports or backups.
    Disable Data Backups Enable to prevent the creation of data backups.
    Hide Inactive IDs Enable to hide inactive or revoked Threema IDs.
    Threema Web: Allowed Signaling Servers Define the allowed signaling servers for Threema Web. Provide a comma-separated list of hostnames.
    Disable Media Saving and Sharing Enable to prevent manual saving or sharing of unencrypted media.
    Password Format for Threema Safe (Regex) Set a regular expression (Regex) to define the allowed password format for Threema Safe. If not set, a minimum length of 8 characters is enforced. Regex must be compatible with NSRegularExpression.
    Error Message for Invalid Threema Safe Password Set the message shown if the user’s password does not match the defined pattern.
    Disable Video Calls Enable to block both incoming and outgoing video calls.
    Disable Work Directory Enable to hide access to the internal Work directory.
    Disable Group Calls Enable to block group (video) calls.
    Keep Messages (Days) Set the number of days messages are retained before auto-deletion. Set to 0 to keep messages indefinitely.
    Job Title Specify the job title of the user.
    Department Specify the department of the user.
  4. Customize the settings as needed, click Done, and then Add.
  5. Click Save to apply the changes.

Associating the policy

If the policy has not been saved,

  1. Navigate to Policy Targets > +Add Devices.
  2. Choose the target devices and click Ok. Click Save.
  3. You can also choose to associate the policy with Device Groups, Users, User Groups, or Domains/OUs from the left pane of the Policy Targets tab.

If the policy has been saved,

  1. Go to the Policies tab under Device Policies and choose the desired policy.
  2. Click on the Manage drop-down and select Associate Targets.
  3. Choose the target entities and click Associate.

What Happens at the Device End after deploying Threema app?

On the device:

  1. The “Threema Work. For Companies” app will be automatically installed.
  2. Open the app and click Set Up Now.
  3. Move your fingers on the screen to generate a unique Threema ID. This ID will be exclusive to the user.
  4. Your nickname, phone number, and email address will be pre-filled, and other settings will be applied based on the policy configuration.
  5. Complete the setup by clicking Finish.

The Threema Work app will now be successfully deployed and configured on the Android devices.

Need more help?
Image of Raise a Ticket Raise a Ticket
Image of Ask Community Ask Community
Image of Chat With us Chat With us
Managing Android Devices