Create a lockdown version of Android by installing a custom launcher, which only shows the apps, the user is allowed to access

We have issued our engineers with android tablets to access a web app, we need to lock down the devices so they can only access a list of approved websites.

Customer would like to be able to block all websites except for the ones he has entered in the allow list.

Web Filtering report, we would like to be able to view or download a report with the details of which sites a device has been to ie:URL's, date and time visited and activity.

Access to files and folders in the internal net
it should be possible to access the shares in the windows net as ad-user, so SMC would an all in one solution for mobiles.

Adding time-based AppControl rules on Android devices to allow use of certain apps during breaks or after work.

There are only the AD useraccount and its email-address to provide as placeholders in an email configuration profile.
There is the need to enhance the access on more AD attributes like the users name and surname to provide this as placeholder in an email configuration rollout and other profiles types

Upon request by one of our customers...

They're using the corporate mail account as Apple IDs.
Please make it possible to import VPP users from ActiveDirectory.

Upon request by one of our customers...

SMC installs iOS Managed Apps always with the flag "Prevent backup".
This flag can be configured at least with Meraki MDM.

Please make the flag "Prevent backup" with Managed Apps editable.

Some apps work only on iPads. If these apps are pushed to an iPhone, the task will fail.If this difference can be flagged at the app definition, the system can avoid such situations and failed task bundles

There should be the possibility to create a policy to force the encryption of the SD Card (not only the device memory)

Ability to set a "Blacklisted App" compliance rule based on an application version number (not only by its identifier). On the devices/installation apps there is the version number.

It is necessary to avoid the users to install a new version of an app which has a disallowed new feature or a known vulnerability.

Hi,
Kindle Fire tablet is an Android-based device, but trying to manage with SMC, reports many errors, probably related to some applications not fully Android compliant.
Is it possible to extend the support to these devices?
Thanks and regards

Be able to restrict documents and data from being transferred by NFC

If an SMC admin wants to remove a device from the management he first has to decomission the device and after that operation he may delete the device. It would be handy if we could combine these functions in on step or offer an button Decomission & Delete so we only have on click,

Automatic removal of apps that the administrator has blacklisted in the Sophos Mobile Control compliance settings. Should be possible to be implemented atleast on SAFE devices. Of course this functionality is focused on company devices and typically not on BYOD.

Implement the SIM change check as part of the compliance check. SIM changes should be reported by standard means of the compliance check

Zum Beispiel:
1. welche Apps hat Gerät X installiert

1. zeige das/die Gerät(e) X, die App X mit Version X installiert haben




2. zeige min. und max. installierte Version der App X, über alle Geräte gesehen




3. zeige die aktuellste Version von Sophos-Apps wie SMC, SMS, SMS-Samsung-Plugin etc. die es über den Play Store gibt und zeige mir, welche Geräte diese Version installiert/nicht installiert haben




4. auf welchen Gerät(en) X ist/sind Zertifikat(e) X installiert/nicht installiert

In the compliance rules, mandatory apps can be enforced. But unfortunately, this does not work, if the admin wants to enforce a certain minimum version. User often ignore to update their apps, which can cause problems in operation of a large device fleet.

Like Gmail, when an user changed his Windows Password, have a notification to explain there is a synchonization problem.
Invite the user to change his password instead of go to his mails accounts.