Thread Info
  • Replies 8 replies
  • Subscribers 14 subscribers
  • Views 15017 views
  • Users 0 members are here
Options
Suggested

Sophos Mobile and Android Enterprise

tom_w

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.

This article provides a high level overview of managing devices in Sophos Mobile with Android Enterprise. For more details, please see the Sophos Mobile admin guide which has further information.

What is Android Enterprise?

Android Enterprise is a method for managing Android devices. It is not a product itself, rather is leveraged by device management solutions (such as Sophos Mobile) to manage Android devices.

Android Enterprise replaces its predecessor, ‘Device Admin’, which Google is phasing out. Compared to 'Device Admin', Android Enterprise provides greater control over devices, including remote app installs, app configuration and native support for Bring-Your-Own-Devices (BYOD).

Android Enterprise Management Modes

With Sophos Mobile, customers can manage Android devices in two ways:

  • Android Enterprise ‘Full Device Management’ – this is designed for company owned devices and gives deep control over device functions and apps. A device needs to be new or factory reset to be enrolled in Device Owner mode.
  • Android Enterprise ‘Work Profile’– this is primarily designed for Bring-Your-Own-Device (BYOD) scenarios. The admin manages only a specific area of the device (the ‘work profile’) where company apps and data are stored. The rest of the device (the ‘personal profile’) is not managed.

Setting up and enrolling devices

At a high level, below are the key steps for getting up and running with managing Android devices.

  1. Set up a Managed Google Play account or Managed Google Domain.
  2. Create policies – ‘Android Enterprise device policies’ or ‘Android Enterprise work profile policies’ based on the desired management mode
  3. Decide which apps should be available to users
  4. Create a Task Bundle that contains the policies and apps you want to apply to devices
  5. Enrol devices.
    • Fully managed devices can be enrolled via the Add Device wizard, Self Service portal, QR code enrolment or Zero-touch enrolment
    • Work profile devices can be enrolled via the Add Device wizard or Self Service portal

 

The Sophos Mobile admin guide provides much more detail on each of these points. Please refer to this for more specific information.



Updated the disclaimer.
[edited by: Gladys at 5:08 AM (GMT -7) on 6 Apr 2023]
Parents Reply Children
  • in reply to Doctor Danial

    The Android operating system was originally developed by Android. Android was later acquired by Google. Other device manufacturers choose to implement this in different ways, or choose to make changes to the OS which affects the way the device behaves. 

    In some instances these changes will affect the way that Android Enterprise works on mobile devices making it incompatible. I strongly recommend verifying that the device(s) you wish to obtain will be compatible prior to obtaining them. 

    You can use the link I've shared in a previous comment to verify.

    Qoosh said:
    I recommend using the search function on the following page from Android to see if your devices are Android Enterprise capable. 
    - Android Enterprise Devices
    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Unfiltered HTML