Category filter
Getting Started with Android Device Management
Android is an open-source mobile operating system powering a vast ecosystem of touchscreen devices, including smartphones and tablets. To effective manage these devices in a corporate environment, administrators need a robust Unified Endpoint Management (UEM) solution.
This guide details how to get started with Android management using Hexnode UEM, covering enrollment, security, application management, and remote troubleshooting.
Enrollment and Provisioning
The first step to get started with Android operations is bringing devices into the corporate network.
Enrollment Methods
Hexnode supports various enrollment techniques depending on whether the device is already in use or being deployed out-of-the-box.
- Standard Enrollment: For existing devices.
- Zero-Touch Enrollment: For bulk, out-of-the-box deployment.
- Samsung Knox Mobile Enrollment (KME): Specific to Samsung devices.
Configure Android Enterprise
Android Enterprise is the modern standard for managing Android (5.0+) devices. It offers two distinct modes:
| Management Mode | Best For | Description |
|---|---|---|
| Device Owner | Corporate-Owned Devices | Grants the enterprise complete control over the device and data. Ideal for fully managed assets. |
| Profile Owner | BYOD (Bring Your Own Device) | Separates work apps/data from personal apps/data. Ensures business data is managed while personal data remains private. |
Security and Restrictions
Once enrolled, securing the device ecosystem is paramount.
Device Restrictions
Administrators can configure restrictions to limit device functionality based on security needs.
- Basic Restrictions: Applicable to all Android devices. Prevents access to specific features (e.g., camera, microphone).
- Advanced Restrictions: Available for high-security environments using Samsung Knox, LG GATE , Kyocera, or Android Enterprise devices.
Network Security Configurations
To prevent unauthorized access to corporate resources, Hexnode allows the remote configuration of:
- Connectivity: Wi-Fi and APN settings.
- Security: VPN configurations.
- Communication: Email and Exchange ActiveSync settings.
MDM Integrity
-
Prevent Removal: Administrators can disable the “Allow MDM Administration removal” option via Android Basic Restrictions. This prevents users from uninstalling the Hexnode agent to bypass security.
Application and Content Management
App Distribution and Control
- Block/Allow Lists: Create lists to strictly allow essential apps or block non-compliant applications. On Android Enterprise devices, blocklisted apps are hidden from the interface.
- Silent Installation: Install apps without user interaction. This feature is supported on:
Kiosk Mode
Lock devices into a single application or a specific set of apps. This is ideal for retail, logistics, or education. You can also incorporate PDF/Video files into Kiosk mode using the Hexnode Document Reader or Media Player.
Web Content Filtering
Save bandwidth and increase productivity by blocking access to non-essential or malicious websites.
Content Management
- File Distribution: Deploy corporate documents directly to devices.
- File Explorer: A remote file management tool allowing admins to move, copy, or delete files/folders over-the-air.
Maintenance and Monitoring
Remote View and Control
Troubleshoot issues without physical access. Admins can view the screen and control the device using a mouse and keyboard from the Hexnode console.
Mobile Data Management
Track data usage to prevent overage charges. Admins can set usage limits and receive notifications when limits are approached.
OS Updates and OEMConfig
- OS Updates: Schedule remote updates for Device Owner devices or use Remote Actions for ROM-enrolled devices.
- OEMConfig: A standard that allows Hexnode to configure OEM-specific settings (e.g., Zebra or Honeywell scanner settings) directly through the Android Enterprise framework.
Personalization
Standardize corporate branding by remotely setting Lock Screen and Home Screen wallpapers.
Troubleshooting Android Management
Common issues encountered when you get started with Android management and their solutions.
1: “Silent Install” is not working.
Cause: The device may not support silent installation.
Solution: Verify the device is Samsung Knox, LG GATE, Android Enterprise, or Rooted. Standard Android devices without these frameworks requires user approval for installation.
2: Cannot remove the Hexnode UEM App.
Cause: The administrator has applied a restriction policy.
Solution: Check if “Allow MDM Administration removal” is unchecked; under basic restrictions, the app cannot be uninstalled manually.
3: Corporate apps are not showing up.
Cause: The device might be in “Profile Owner” mode, and the user is looking at the personal profile.
Solution: Instruct the user to check the “Work Profile” tab or folder on their device launcher.
4: Kiosk Mode is allowing access to settings.
Cause: Background apps or settings were not properly restricted in the Kiosk policy.
Solution: Review the Kiosk policy settings and ensure “Status Bar” access is disabled if high security is required.
Frequently Asked Questions (FAQ)
Q: What is the difference between Device Owner and Profile Owner?
A: Device Owner is for corporate-owned devices and gives the company full control. Profile Owner is for personal devices (BYOD) and creates a separate “Work container,” leaving personal data private and untouchable by IT.
Q: Can admins manage Samsung devices differently than standard Android devices?
A: Yes. Samsung devices utilize Knox, which allows for deeper control, such as advanced restrictions and silent app installation, which might not be available on standard Android devices.
Q: Does Hexnode support remote control for all Android phones?
A:Remote Control requires the device to be running Android 5.1+ devices and enrolled in Hexnode.
Q: How do admins save mobile data costs?
A: Use the Mobile Data Management feature to set data consumption caps per device or per app. You can also use Web Content Filtering to block high-bandwidth sites like video streaming platforms.
