Patch Settings
Patch Reports
Software Package

What is Application Management on mobile devices?

Application management on mobile devices is typically handled through Mobile Application Management (MAM). MAM is a set of tools and practices that allows IT administrators to securely control and manage applications on smartphones, tablets, and other mobile devices. Here is a breakdown of what MAM offers: 

  • Secure App Distribution and Updates: IT admins can distribute company apps or approved third-party apps to devices. They can also manage updates for these apps, ensuring everyone has the latest secure version. 
  • Containerization (Android only): MAM can create secure containers on a device to isolate business data from personal data. This ensures that even if the device is lost or stolen, sensitive work information remains protected. 
  • Access Control: MAM allows IT to control which apps users can access and what data they can share with those apps. This helps prevent unauthorized access to sensitive information. 
  • Remote Wipe: If a device is lost or stolen, IT can remotely wipe the corporate data from the device using MAM. This protects sensitive information from falling into the wrong hands. 
  • Improved Productivity: MAM can help ensure employees have the necessary applications for their jobs and keep those applications up to date. This can improve overall productivity. 

How can MAM be implemented in an organization?

Implementing Mobile Application Management (MAM) in an organization involves selecting the right MAM solution, developing robust policies, configuring the system, enrolling devices, enforcing security measures, and providing continuous support and training. Regular review and improvement are essential to adapt to evolving needs and maintain a secure and efficient mobile application environment. 

How to configure Mobile Application Management in NinjaOne?

Mobile Application management can be implemented in NinjaOne through policies. There are policies designed for mobile devices called MDM policies, which can be applied to Android, iPhone, or iPad devices. MDM policies have an Applications section, where you can add the applications for the devices linked to this policy. 

NinjaOne also offers a Kiosk mode, which only allows one single application to run. This is useful for mobile devices that need to perform specific tasks or that are accessible in self-service mode, such as interactive kiosks, mobile points of sale, etc. 

Strategy: Install approved applications on the work profile for a BYOD Android phone

BYOD stands for Bring Your Own Device, and it refers to an employee-owned device which is also used for work. In such a case, when the device is enrolled for work applications, a separate profile will be created on the device. Applications and data stored on the work profile cannot interact with the personal profile, making the work profile secure. 

In this example, we will create an MDM policy called Android BYOD, and we will add some applications that will be automatically installed on the work profile. 

A. Follow the next directions to create the MDM policy: 

  1. Go to Administration, then Policies, and then MDM Policies.
  2. Click Create New Policy.
  3. In Name type Android BYOD.
  4. In description, type the description of your choice, for example, MDM Test Policy. 
  5. In Role, select Android. 
  6. In Parent Policy, select Android Mobile Policy. 
  7. Click Save.

(see the next screenshot for reference) 

Screenshot showing the policy window for the Application Management

8. The Policy editor appears. 

B. Once the Policy has been created, follow the next directions to add approved applications: 

  1. On the left side, select the Applications tab.
  2. Under Default Permission Policy, select Grant.
  3. In Play Store Mode, select Allowlist.
  4. In Untrusted Apps Policy, select Disallow Installing. 
  5. Keep the Native multi-app kiosk launcher option off (default). 
  6. Click add apps and select Play Store. The Play store screen appears. 
  7. Click on Adobe Acrobat Reader, then click on Select. The Play store screen disappears. 
  8. Check the newly added app and click the blue Edit button. 
  9. In Assignment type, select either Force Installed or Preinstalled. The difference is that the force installed applications cannot be uninstalled from the work profile by the end user. 
  10. On Default Permission Policy, select Grant. 
  11. On Connected Work and Personal App, select Unspecified. 
  12. Auto Update Mode, select Default. 
  13. Click Save. 
  14. At this point, you can continue adding applications in the same way we added Adobe Acrobat Reader, once you´re done, click Save on the upper right side of the screen. Enter your MFA method response and close. 

(see the next screenshot for reference) 

Sreenshot showing the Verify MFA window for the page Application Management

C. Set the newly created policy as the default policy for your organization, for that, go to your organization’s dashboard and click edit, then: 

  1. On the left side, select the Policies tab.
  2. On the right side, select the MDM policies tab. 
  3. On Android, From the dropdown menu, select the Android BYOD policy we created in the last step. 
  4. Click Save.

(see the next screenshot for reference) 

A screenshot showing the policies window for the page Application Management

D. Enroll an Android device to your organization: 

Prerequisite, install the Android Device Policy (ADP) on your android device. Android version must be 9 or later. 

  1. From any dashboard, click on the + sign on the upper right of the screen. 
  2. Select Device and then Mobile Device. A dialog box appears. 
  3. Fill out your organization name and location. 
  4. On Device Role select Android. 
  5. On usage type select For Personal and work. 
  6. Click on Generate QR code. A screen with a QR code and instructions will appear. 
  7. On your Android device, open the ADP application and scan the QR code from it. 
  8. Follow the instructions on the Android device. 

After a few minutes, a work profile will be created on the Android device and the applications that we selected on step B will be auto installed, while the device´s settings and personal profile remain untouched. 

What are the advantages of using NinjaOne for Mobile Application Management?

  • Unified management

Mobile devices can be managed from the unified console, the same as all other devices. 

  • Cost savings.

Policies streamline application management, saving time and resources. 

  • Integration with Other Tools

The platform integrates with other IT management and service desk tools, providing a more cohesive and efficient IT management ecosystem. 

Next Steps

Application Management FAQs

In the context of mobile devices, application management and control, also called Mobile Application Management (MAM), is a software system that focuses on securing and controlling corporate applications on mobile devices. IT admins can use MAM software to Distribute and install apps, manage app versions, enforce security policies on apps (data encryption, access restrictions), and remotely wipe app data if a device is lost or stolen. 

An Application Manager is an IT professional responsible for the entire lifecycle of software applications within an organization. This lifecycle includes everything from initial planning and selection to deployment, ongoing maintenance, and eventual retirement of the application. 

Here are some of the features of Application Management and Control or Mobile Application management (MAM): 

Centralized Distribution and Control: MAM provides a central app store or console for distributing approved work applications to employees’ devices. This ensures only authorized apps are used for work purposes. 

Containerization: A key feature of MAM is containerization. It creates a secure, isolated workspace on a user’s device specifically for work apps. This separation safeguards corporate data by preventing it from mixing with personal information on the device. MAM controls access to this container and the apps within it. (Containerization is not supported by iOS devices) 

Selective Wipe: MAM allows IT admins to remotely wipe only the work container on a lost or stolen device. This protects sensitive corporate data while leaving the employee’s personal data untouched, addressing privacy concerns in BYOD (Bring Your Own Device) environments. 

Data Encryption: MAM can enforce data encryption on work apps, scrambling information to make it unreadable in case of a breach. This adds an extra layer of security for sensitive data accessed through mobile applications. 

Mobile Device Management (MDM) focuses on managing the entire mobile device, including hardware, software, and security settings. While MAM concentrates on managing applications and data, MDM offers a broader scope of device control. Some solutions, like NinjaOne, combine MAM and MDM functionalities for a unified approach. 

Ready to become an IT Ninja?

Learn how NinjaOne can help you simplify device management.
Start Free Trial
Get a Demo
Watch Demo×
×

See NinjaOne in action!

By submitting this form, I accept NinjaOne's privacy policy.