Enforce compliance checking for encrypted external storage (microSIM, microSD, SD, etc)

Access to files and folders in the internal net
it should be possible to access the shares in the windows net as ad-user, so SMC would an all in one solution for mobiles.

We want to use SMC-Proxy for all kind of mail-access from mobile devices. EAS and imap. Pop3 would be nice too, but is not a must because users don't use pop3 on smartphones or tablets. Please extend the possible protocols for the SMC-Proxy and enable at least IMAP.

Only users with personal devices can decommission their devices through the self-service portal

Partner/Customer Request:
Possibility to add folder/paths to the favorites, either defined by the SMC console (Admin) or chosen by the user.
Instead of adding single or multiple files, they'd like to choose or define entire paths/folders which should always be available offline.

In SSW, the system provides the option to save files in an unencrypted way. This might not be acceptable for security aware companies. Please provide an option for the admin to enforce the encryption of every file, once it is added via SSW

Customer want to keep their costs down, so apps should only be installed, while not roaming

It would be nice to have the ability to send an existing Apple ID to the IOS Mobile devices. The administrator could set up an Apple ID, invite it to the VPP users on SMC and send the Apple ID with the password for it to the Mobile Device.
So the Users could set up completely their Mobile Devices with VPP integration by the SSP.

I would need the Sophos MDM console to validate if the Exchange ActiveSync profile created on the device has completed with success, as it stands now if the user inputs the wrong password it fails but on the console it's marked as successful, and the user doesn't get prompted a second chance or warning of a wrong password it just terminates. it should validate the password with the exchange server and then give back a status of success if it completed correctly if not Failed.

Adding time-based AppControl rules on Android devices to allow use of certain apps during breaks or after work.

There are only the AD useraccount and its email-address to provide as placeholders in an email configuration profile.
There is the need to enhance the access on more AD attributes like the users name and surname to provide this as placeholder in an email configuration rollout and other profiles types

Upon request by one of our customers...

They're using the corporate mail account as Apple IDs.
Please make it possible to import VPP users from ActiveDirectory.

Upon request by one of our customers...

SMC installs iOS Managed Apps always with the flag "Prevent backup".
This flag can be configured at least with Meraki MDM.

Please make the flag "Prevent backup" with Managed Apps editable.

Some apps work only on iPads. If these apps are pushed to an iPhone, the task will fail.If this difference can be flagged at the app definition, the system can avoid such situations and failed task bundles

There should be the possibility to create a policy to force the encryption of the SD Card (not only the device memory)

BYOD: Support for Exchange / OWA / Activesync in the Sophos EAS proxy for use with Apple OS X and Windows 8 or Outlook Anywhere.

We like the use of the EAS proxy for mobile devices, but why don't use it too for the BYOD laptops?

Support for the Microsoft OWA app.

Some of our users would like to use the OWA app from Microsoft instead of the native Exchange support build into iOS.

Ability to set a "Blacklisted App" compliance rule based on an application version number (not only by its identifier). On the devices/installation apps there is the version number.

It is necessary to avoid the users to install a new version of an app which has a disallowed new feature or a known vulnerability.