We all know Unified Endpoint Management (UEM) solutions provide comprehensive end-to-end Mobile Application Management (MAM) capabilities for businesses. You can effortlessly manage and monitor apps on multiple mobile devices from one central place.
Application Lifecycle Management (ALM) is one of the core features of UEM when it comes to mobile app management. At Entgra, we understand the challenges of managing app lifecycles and have developed a cutting-edge solution that takes the complexity out of the process, making things easier and user-friendly for you.
Entgra UEM provides ALM capabilities. In this blog, we will explore these capabilities in detail to highlight how they simplify app lifecycle management stages and enhance the overall management experience.
Before you begin: What is ALM?
ALM is the process of managing the entire lifecycle of applications deployed on your endpoints.
It enables you to manage the lifecycle of an app from its inception to retirement. You can ensure they are installed correctly, monitor their performance, and update them without causing any inconvenience to your end users. Your team members can collaborate at each stage of the app lifecycle, facilitating real-time updates.
Entgra’s approach to ALM
The ALM feature in Entgra UEM is comparable to having a personal assistant for your apps. You can manage your applications from start to finish within a centralized platform. It covers everything from creating and deploying apps to updating and retiring them.
Let us take a brief look at the entire ALM process.
The basic process of ALM
Admins can create their apps via the Entgra app publisher. Once you create an app, it automatically comes with its lifecycle. From this point onwards, you are able to oversee and manage each stage of the app’s lifecycle.
Now let’s delve further into each stage.
Created – Suppose that you want to create a specific corporate app exclusively for your employees. Once you create this app, it belongs to the first stage of the app’s lifecycle. Now you have full control over each stage of the app’s lifecycle.
In-Review – This stage is entirely for accurate and secure app publishing. You can review your app thoroughly and determine whether the app is suitable for publishing in the app store. In this review process, you can add the app to a “Rejected” stage if it detects any fault in the app or if it is not in compliance with company policies.
Approve – After reviewing the app with the necessary parties, you can approve it for publishing.
Publish – Publish the app in the corporate app store. The app will only be visible in the app store after it completes this process. There is an additional perk. Even after publishing your app, you can change its status.
Block – You can block an app for a certain period of time either to publish or deprecate at a future date.
Deprecated – These are the outdated apps that no longer suit your app store. In both cases, the app will be hidden from your app store automatically to prevent installations.
Retired – Eventually, you can retire your apps. You can terminate the app’s process at this stage since this is the final stage of an app’s life cycle.
Fast-tracking app publishing
The latest version of Entgra UEM has made app publishing even faster and more convenient.
You can save and publish an app in a single step. This eliminates the need to follow all the lifecycle stages manually. This is particularly useful in scenarios where it is not necessary for a user to complete all the lifecycle stages.
Within the app creation step, admins can decide whether they want to publish the app or not at the same time. If you want to publish the app, it will be published in the app store immediately without any review. This denotes that you can directly transfer the app from the “Created” stage to the “Published” stage of its lifecycle.
Enhanced ALM process in Entgra UEM
This ALM feature helps to prevent UEM admins from making mistakes when managing any kind of app by providing clear, concise directions. As fantastic as this feature is, it is only available to users with appropriate permissions. You can control who has access to this feature as required to prevent any misuse.
At Entgra, we always strive to offer our customers the best possible UEM experience. Do browse through our blogs and documentation to learn all about our products and feature updates. We even have an Entgra UEM evaluation option available for new and trial users. If you have any questions, we’re here to help. Feel free to reach out to us for assistance through the Entgra support portal.
Did you know Entgra UEM has a feature that enables you to trigger operations simultaneously in device groups? Thanks to this feature, you can execute multiple commands across a group of devices all at once with a simple click.
We will discuss how this feature saves you time and resources, making device management more efficient.
Say goodbye to manual device-by-device actions
As an IT administrator, you no longer have to perform repetitive tasks on individual devices manually. You can now centralize device management with Entgra UEM.
Our UEM feature gives you the ability to group devices together based on various criteria such as their operating system (OS), enrollment mode, location, or any other specific need. This flexible grouping mechanism allows for a more tailored approach to device management.
Once your devices are organized into groups, you can effortlessly trigger desired operations and apply them simultaneously to all devices within the group. There is no necessity to perform tedious, repetitive tasks on individual devices; instead, you can experience the efficiency of executing commands across multiple devices in one go.
Unlocking hidden perks
Enhanced security and compliance
With this feature, you can take immediate action across a specific group of devices. Whether you are locking devices, changing lock codes, clearing passwords, or performing enterprise wipes, you can swiftly mitigate security risks and address policy violations, keeping your organization protected. If you have a large device fleet, this will be especially helpful.
Efficient deployment of updates and applications
Deploying applications or pushing updates to a large number of devices can be a tedious task. Entgra UEM simplifies this process by enabling you to upgrade the firmware across device groups simultaneously. This ensures seamless application availability and software updates, boosting productivity and reducing manual effort.
Remote troubleshooting and support
Imagine an IT support team responsible for troubleshooting and resolving issues across a diverse device fleet. You can now support personnel remotely to trigger actions such as reboot, file transfer, or device information retrieval across a group of devices simultaneously. This streamlines the support process, reduces downtime, and improves end-user satisfaction.
Bulk actions for device configuration
Trigger operations such as ringing devices, sending messages, applying configurations on apps, or muting devices in bulk, ensuring uniformity and ease of management. This capability enhances operational efficiency and reduces configuration errors.
Check out this short video to learn more about how effortlessly this feature works:
Entgra UEM empowers your organization’s productivity by offering you extensive Mobile Device Management (MDM) features.
Visit our product documentation to learn more. We invite you to experience the capabilities of the latest product version, Entgra UEM 5.2, with our Try-It-Now feature. If you have any questions or require assistance, please do not hesitate to contact us via our Entgra support portal.
The recently released Entgra UEM 5.2 gives you an exciting new feature – per-tenant theming.
With per-tenant theming, Unified Endpoint Management (UEM) administrators now have the power to elevate customization and branding within their tenant environments. This feature enables you to personalize UEM platforms and define unique visual themes and brand identities for different sub-organizations or client groups.
In this blog, we’ll explore how Entgra UEM 5.2 will help you to strengthen your brand presence with per-tenant theming.
Understanding per-tenant theming and its importance
Per-tenant theming is a must-have feature for multitenant UEM environments where multiple organizations or teams use the same console. It helps to create a more intuitive experience for each tenant. Whether you’re in a multitenant environment or simply want to reinforce your organization’s branding, per-tenant theming can help you achieve what you want.
Each tenant or client can customize the user interface (UI) by incorporating branding elements and creating an interface that reflects their unique identity and style. This means that each tenant can have a unique interface and user experience, while still being managed from a single console.
Without per-tenant theming, tenants may have difficulty differentiating their workspace from that of other tenants, resulting in confusion and decreased productivity. Entgra UEM 5.2 helps you to ensure that each tenant’s needs are met by providing each tenant with their own unique theme, ultimately leading to increased satisfaction and productivity.
If you’re looking to create a better user experience for your tenants, per-tenant theming is the way to go.
How it works
Per-tenant theming works by enabling you to create different themes for each tenant of the UEM solution. You can easily customize the UEM console with unique logos, favicons, app titles, etc., giving each tenant a distinct look and feel that represents your organization’s brand identity. Additionally, you can customize the branding of your tenants based on sub-organizations, teams, or any other categories you prefer to use.
Let’s say you have a multinational corporation (ABC Tech) with several workspaces in different regions and each region must be reflected in the UEM console. With per-tenant theming, you can customize the console according to each region. This means the UEM console can then display the appropriate theme for each region based on their login credentials. This saves time and resources for you and provides a better user experience for your employees in each region. Employees will instantly connect with the platform, resulting in increased engagement, productivity, and overall satisfaction.
https://youtu.be/XsxNFJp2aos
Other benefits of per-tenant theming
Apart from creating better user experiences, per-tenant theming offers you other benefits.
Stronger brand identity
Your brand is everything. Per-tenant theming empowers you to showcase it. Incorporate your company logo, add titles, and design the UEM platform to match your unique identity. With this level of customization, every endpoint interaction becomes an opportunity to reinforce your brand, build trust, and leave a lasting impression on your employees and clients.
User-friendly customizations
Implementing per-tenant theming within a multitenant UEM environment is a breeze. With just a few clicks, tenants can upload their brand assets, change logos, and make design modifications without needing extensive technical expertise. It’s a user-friendly process that puts the power of customization in the hands of organizations of all sizes.
Consistency
By maintaining consistency in per-tenant theming, organizations can create a unified and cohesive experience for their users. With a consistent look and feel across different tenants, you can create a sense of unity that reflects your organization’s values.
Flexibility for sub-organizations and teams
Multitenant UEM environments often consist of sub-organizations and teams with diverse needs. Per-tenant theming caters to this diversity by customizing the UEM experience for each entity. It’s all about giving your sub-organizations and teams the flexibility to create an interface that aligns with their specific requirements.
If you’re ready to take your UEM experience to the next level, consider exploring the per-tenant theming feature in Entgra UEM 5.2 and see how it can benefit you!
To learn more about the latest Entgra features, visit our product documentation. And do not forget to try out the product with our Try It Now feature to experience the latest features and updates.
We are always happy to answer any questions you may have. Reach out to us here.
We are pleased to announce the release of Entgra UEM 5.2, giving you a more streamlined, hassle-free device onboarding experience – especially if you are a new or trial Entgra Cloud user who is onboarding your first device.
At Entgra, we are always listening to our customers and striving to improve our products. We found that some users encountered challenges during the device enrollment process when analyzing feedback. Furthermore, we wanted to shorten our support response times.
The result is Entgra UEM 5.2. You can now enjoy a guided enrollment experience, eliminating any confusion along the way. And if you still need help or guidance, our support team is just a live chat message away, ready to answer your questions as quickly as possible. In addition, you can expand your brand identity and experience a more scalable device location tracking facility with the latest version of our product.
In this blog, we will explain how these exciting new features and improvements will enhance your device onboarding experience.
What you need to know about Entgra UEM 5.2
Whether you are a new user or an existing customer, we designed Entgra UEM 5.2 to ensure that your experience with our platform is smoother and more efficient than ever before. Here’s a detailed compilation of the feature enhancements in this version:
Self-guided enrollment
This provides a wizard-based, simple, and clear direction for the best mode of enrollment suited to your requirements. You can complete the enrollment process easily and without any assistance from our end. This feature eliminates the guesswork for users who are unsure about which enrollment mode to choose – a major concern for many of our customers.
Guided UI tour
Navigate Entgra UEM easily and discover all available features/functionality quickly. This feature is particularly useful for new users who may be unfamiliar with the product or for those who want to explore new features you may not have used before. By providing a guided tour, we can ensure you have a seamless onboarding experience and gain the most from Entgra UEM.
Live chat
You now have instant access to our support team so that we can address your queries/concerns as early as possible. This feature ensures that customers receive prompt and efficient support when they need it. This is particularly helpful for evaluation users who may have questions or need assistance during their trial period.
Disable unwanted apps
Disable unwanted apps from your device launcher without having to block list them. This feature helps to keep your device launcher clean and organized, making it easier to find and access the apps you need. This can help to improve productivity and save time in the long run too.
Agent labeling
Label your device agent as required by simply sending a notification to the device. This is helpful for customers who have many devices and need to keep track of them efficiently. Yet another time consuming task is eliminated as you now have a more convenient way to label your device agent and there is no need to enter the label for each device manually.
Per tenant theming
Personalize the Entgra UEM to match your brand identity. You can easily customize the appearance of your Entgra UEM platform, giving each tenant a distinct look and feel that represents your organization’s brand theme. Customize branding assets such as logos, favicons, app titles, etc. to create a seamless and unified experience for your tenants.
Device tracking enhancements
Leverage the benefits of Traccar with its latest enhancements. You have complete visibility and control over your devices in a more scalable way. Track them in real-time on a map and monitor their movements. The new improvements also enable you to obtain your devices’ historical activities, adding an extra layer of security to Entgra UEM and providing valuable insights into your device fleet.
Learn more
We are committed to delivering the best possible experience for our customers and hope you find this latest release valuable and user-friendly.
To learn more about Entgra UEM 5.2, visit our product documentation. And do not forget to try out the product with our Try It Now feature to experience the latest UEM features.
We are always happy to answer any questions you may have. Reach out to us here.
If we are to describe the modern banking, financial services, and insurance industry (BFSI) in one word, we would say complex. With the onset of digitalization, many customer services are now online; banking and insurance mobile apps are increasingly becoming the norm. Apart from this transformation of customer services, traditional banks are facing competition from neobanks – technology-driven, agile banking and financial service providers. Neobanks often have lower operational costs as they are mainly online-based. Similarly, “born digital” insurers that leverage technologies such as artificial intelligence (AI) are competing with established insurance companies. We have also seen the rise of super apps that offer consumer services through third party integrations with several digital payment options (i.e., WeChat, Grab, AliPay, Gojek, to name a few). To stay ahead of these new disruptive developments and remain relevant to younger, digital native consumers, traditional BFSI companies are adopting digital-first strategies.
Competition is not the only factor that contributes to the complexity of today’s banking and financial services industry. As more services are available online and accessible from mobile devices, there are significantly higher security risks. In 2020, the BFSI industry was the top target for cyberattacks. The number of devices used in this industry is rising due to digitalization. Microfinance and insurance companies also have a mobile workforce, where employees travel to many locations to support their customer base.
The BFSI industry in Sri Lanka and digitalization
The BFSI industry in Sri Lanka is undergoing rapid growth. Innovation has become the defining characteristic of this growth, as institutions strive to differentiate their products and services. Digital onboarding, QR based payments, digital wallets, mobile applications, and mobile payments are some of these new services. With innovation and greater device use, device security inevitably becomes a major concern for the industry. Enterprise Mobility Management (EMM) has a pivotal role to play in catering to this innovative landscape and making it secure for all the customers. In this highly sensitive market, even the Central Bank of Sri Lanka (CBSL) introduced explicit guidelines to ensure the protection and security of mobile devices so that users are not exposed to threats in an uncontrollable manner.
Any digital-first strategy must then address flexibility, efficiency, and security. Discussions around device management and security often lead to Mobile Device Management (MDM). Let us start with some basics. MDM is a software solution that empowers IT admins to manage, monitor, and secure devices across different operating systems in an enterprise IT ecosystem. Banks, financial services providers, and insurance companies cannot control customers’ devices – but you can control your own devices and provide secure services to your customers.
In this blog we will delve into some common challenges faced by organizations and how you can address them by implementing an MDM strategy.
Mobility challenges in the BFSI industry
Challenges in the BFSI industry vary – they range from securing data to ensuring that corporate devices are used for their intended purposes. Each organization will have their own challenge. Some common issues are:
Centralized management of devices
One of the biggest challenges in Sri Lanka’s BFSI industry is the lack of a proper system that manages devices and tracks their usage. The latter is to monitor whether the field sales agents are not misusing corporate devices by using these devices to view non-related videos, play games, install improper wallpapers or apps that can lead to a loss of productivity or damage the organization’s reputation.
Launching apps and pushing app updates
In the microfinance industry, field sales agents are required to visit remote areas where the WiFi connectivity could be weak and/or challenging. Under these circumstances, pushing app updates is a daunting task.
Data security
The BFSI industry possesses large volumes of sensitive data. It is vulnerable to cyber-attacks. Any compromises in data security are costly for an organization’s reputation and will have an adverse impact on its business operations. The BFSI industry faces immense pressure to protect data in case a device is stolen or lost and must have the ability to erase all data stored in a device.
Benefits of an MDM strategy
Centralized device, app, and data management
An IT ecosystem with many different types of devices, apps, and data will have multiple endpoints. With unified endpoint management (UEM) capabilities, you will be able to centralize all your UEM functions in one place – regardless of the operating systems that your devices use.
Faster onboarding of new customers and team members
The MDM solution will oversee identity management – authentication, passwords, and authorization. The onboarding of new customers can become an online, device based function – which is more efficient and faster than dealing with cumbersome manual tasks. Similarly, granting the right authorization for your team members to use corporate devices will become a simpler task.
Mitigating effects during security breaches
Lost or misplaced devices, or any loss of data from apps need quick responses. MDM solutions provide geotracking capabilities to locate devices remotely, plus the ability to lock devices and delete data in the case of a security breach. This way, you can prevent the mishandling of devices and your all important data.
Remote troubleshooting
MDM solutions provide remote troubleshooting capabilities which is especially helpful if you have team members working in many geographic locations i.e., based in the field. In the event of device problems, these team members are not dependent on admins who are based elsewhere to solve such issues.
Device usage control and SIM lock-in
Restrict enterprise device use to required apps only through app blacklisting features to ensure that devices are used for work-related purposes. Moreover, you can also bind mobile SIM data to these apps only so that you do not incur any additional costs with your data packages.
Business intelligence
MDM solutions give you device usage statistics that you can view on dashboards. The data gives you insights into team performance and any app upgrades required.
Extensive integrations and customizations
You can customize the solution to suit your specific requirements, with the necessary dashboards, reporting, and analytics features.
At Entgra, we understand each of the challenges faced by the BFSI industry and we have a highly customizable product that will enable you to respond to rapid changes. Entgra MDM is a centralized device management and unified endpoint management platform that helps you manage your many device identities securely. You have access to a host of features such as remote device management, analytics and dashboards, and simplified device enrollment. Learn more here and start the conversation with us.
We have come a long way since the times when education was a privilege for the chosen elite, attainable by virtue of class, religion or gender. And a long time from when sacred scriptures had to be memorized by a trusted few to transfer knowledge from one generation to the next.
The ancient Greeks had laws in place to ensure that formal education was primarily for males and for non-slaves. In early Mesopotamia, only the royal offspring and sons of the rich or the professionals had the entitlement to be schooled, i.e., access to reading and writing. The Chinese resorted to rote memorization for teaching over 40,000 characters in their language.
In the light of such absurdities, today we are in a position to pat our own backs gleefully for being able to read ridiculous ancient teaching practices leisurely. We are also able to grasp the fact of our learning habits, too, having leapfrogged tremendously from etching on wax tablets and oral recitals to browsing content in our devices conveniently today.
Given the enormity of the knowledge we have amassed and hoarded in numerous tricky technical formats in the present day, what is required of the sentient being now is the aptitude with which to retrieve and apply just the right resources for the problem at hand. The finesse of crafting the best with what we’ve got. The learner’s armor today, in that sense, is very much personalized to the individual, in how and what works best for each individual.
Education 4.0
The evolution of digital pedagogy has been rapid and unprecedented. And definitely expedited by the pandemic.
We have now entered an era of innovation-driven, immersive learning experiences aided by digitized tools and techniques for effective knowledge retention and application. Today’s students are digital natives in every sense of the word – they are exposed to digital technologies at a very young age and understand how to use them, often in a very sophisticated manner.
In an ideal flipped classroom that we are headed to, the students embark upon actual problem-solving during the class hours, while reading up on theory and learning lessons have been moved out of the scope of the classroom. Students can watch lectures online, download relevant notes, and discuss/explore their ideas through online forums or discussion groups. This type of blended learning strategies reinforces active student engagement and knowledge application within the classroom.
In that sense, Education 4.0 is a jump-start from its version 1.0, naturally called for, and vastly aided by the technological advancements of its counterpart, the fourth industrial revolution. Industry 4.0 has thrust us with smart technology, Artificial Intelligence (AI), big data, Virtual Reality (VR), Augmented Reality (AR), and robotics.
We must now shift our focus to empowering the next generation of learners, harnessing the culled knowledge with advanced technology for betterment – ideally in accordance with our Sustainable Development Goals for education [SDG 4]
Are we there yet?
Education 4.0 involves the use of tablets, laptops, smartphones, and various other devices as supportive tools for learning. Aimed at instilling the 4Cs the century calls for, our students are now being trained to think critically, make the most of their creativity, and communicate and collaborate effectively with their peers. With the students having a big say in the how of it today, learning has become a highly personalized experience to be indulged in from anywhere, at any time.
Such a transformation calls for an equally elaborate and sophisticated response from educational institutions. These institutions must be prepared to address challenges that arise with infrastructure, services, and facilities for students and teachers alike.
Visionary institutes like the Avinya Academy already have programs designed for empowering the next generation student that extend beyond the required skill sets – these students are equipped with the knowledge to be proficient in life and career fundamentals the future calls for.
Riding on the waves of the latest trends in tutelage, academies must incorporate and leverage progressive technology to provide the fitting educational foundation for these self-paced learners so that they can become the global digital citizens of tomorrow.
Device strategies for educational institutions
Cyber-physical learning curricula comprise course work requiring interactive, immersive learning experiences using varied e-learning tools and techniques. Possessing one’s own device is only the starting point here for the exciting escapade that awaits the learner. As such, academic institutions are better positioned to identify the exact student requirements and address the demand justifiably without calling for unwarranted problems.
Most academic institutions today provide students with centrally administered mobile devices. A strategic plan for effective device management customized to the institute’s guidelines can help manage entire fleets of devices effortlessly.
Entgra’s comprehensive Mobile Device Management (MDM) solutions present purpose-built plans for educational institutions. With its centralized device and unified endpoint management capabilities, the solution enables multiple integration options with third-party platforms.
Reliable Identity and Access Management (IAM) features are imperative for an impregnable, secure Learning Management System (LMS). With our MDM suite’s controlled access permissions, Single Sign On (SSO) and authentication policies, IT administrators can securely onboard large numbers of devices and users swiftly. With a strong foothold on securing privacy and sensitive data, Engtra MDM enables remote locking/wipe-off when subject to security breaches.
These are some of the features we support presently:
For comprehensive device strategy solutions customized to suit your academy, do reach out to us at https://entgra.io/contact-us/, and we shall be happy to help you gear up.
Entgra MDM is a unified platform for developing, managing, and integrating Unified Endpoints (UEM), Enterprise Internet of Things (IoT), and Enterprise Mobility Management (EMM).
Asgardeo is an IDaaS developed by WSO2. It is a developer-friendly platform for managing user identities and accessing management seamlessly. This blog will explain the configurations that you need to do on Asgardeo and Entgra MDM.
What is an external IDP?
In a nutshell, an external identity provider is a service that manages and stores user identities. It provides authentication and authorization services to other applications and services. Although Entgra MDM has an in-built identity server that can leverage all identity and access management (IAM) related services, it also provides flexibility to developers as they can connect with external IDPs.
Configuring Asgardeo
First, create an Asgardeo account and the rest is easy. Use the following link to sign up.
Creating an organization
The concept of organization is something similar to the term tenant of WSO2 Identity Server. Create an organization by clicking on the dropdown menu on the top-left corner of the page.
This will prompt a simple form where we have to enter the name of the organization we are trying to create. (Note: this will allow only simple alphabetic characters and does not support other numerical, special characters or capital letters.)
For the purposes of this blog, I’ve created an organization named “devorganization”. Once the organization is set, create a new OIDC application.
Creating a new OIDC application
Click “Develop” on the top menu of the Asgardeo console and it will take you to the following page.
Then click on the “New Application” button and choose “Standard-based application”.
Give a name to the application and make sure to choose OIDC as the protocol. Check “Management application” if the application needs to access any management APIs of the organization. Finally, click on “Register” to create the application.
Inside the application settings, go to protocols and update the grant types as follows:
Add https://localhost:9443/commonauth as the Authorized redirect URL. This is the URL to which the Asgardeo will redirect after completing authentication.
Creating new custom user-attributes
When using external IDPs, although the users will be stored inside the external IDP, they might have to be provisioned inside Entgra MDM using just-in-time provisioning (JIT). Map attributes such as username, role, etc. with the local attributes. To create a new attribute, click “Manage” on the top menu and then navigate to the attributes section.
Click on “Attributes” and then proceed to “New attributes” to add a new attribute. Create a couple of attributes for username and role, namely the “asgardeo-username” and “asgardeo-role”.
After creating the attributes, it will redirect you to the configuration page of the attribute. Under this configuration, check the two configurations below and click on the update button to save the configurations.
These two configuration will enable the display of these attributes in the user profile and make them mandatory.
Configuring the scopes
Configure the scopes to map the above attributes against “openid” scope, so that these attributes will pass during JIT provisioning. Under the “Manage” section, click on “Scopes”.
Click the edit icon of the “Open ID” scope and then click the “New Attribute” button inside it to add an attribute to this scope.
Check the “Asgardeo Username” and “Asgardeo Role” attributes and click on the “Save” button
Go to the created application and edit the user attributes as follows and click “Update” to save these changes:
Creating a new user account
You must then create a new user account to test the Asgardeo authentication flow. Under the “Manager” section, click on the “Users” section to view the user management page. Click on the “Add User” button to create a new user.
Create a new user by filling out the following fields along with a temporary password.
After creating the user account, go to the user’s profile and update the attributes that were created earlier and click on the “Update” button to save the changes.
Changing the subject claim of Asgardeo to username
By default, the User ID is set as the subject claim in Asgardeo. Entgra MDM will be looking for a username under the subject claim of the ID token. Therefore, we might have to update the subject claim of Asgardeo using their management APIs. Invoke the following APIs using the CURLs provided in the given order to change the subject claim.
Generate an access token using the client credentials of the application.
Search for all the applications under the organization and find the application-ID of the application you have created.
curl --location --request GET 'https://api.asgardeo.io/t/<organization_name>/api/server/v1/applications' \
--header 'Authorization: Bearer <access_token>'
Retrieve the application details using the above application-ID.
curl --location --request GET 'https://api.asgardeo.io/t/<organization_name>/api/server/v1/applications/<application_id>' \
--header 'Authorization: Bearer <access_token>'
Patch the application by changing the sub-claim to asgardeo_username. Change the values of the claim mappings and requested claims, based on the response received in step 3.
So far we have completed the Asgardeo configuration successfully. Now let’s move on to configuration of Entgra MDM.
Creating a new user role
To explore various features of Entgra’s web applications, a user might need certain permissions. You have to create a new role for that and assign a few permissions. Inside the carbon console, click on “Add” under the “Users and Roles” section and then click on “Add New Role”. Let’s create a role called “test-role” and then click “Next” to add permissions.
You can now see a permission tree with a list of permissions. Click on the “device-mgt” permission and it will choose the child permissions automatically.
Adding a new Identity Provider
Log into the carbon console of Entgra MDM via https://localhost:9443/carbon and click on “Add” under the Identity Provider sections on the left vertical menu. You will see the following page and can configure the basic configuration as shown below:
Configure the “Claim Configuration” as shown below. Here we are mapping the Asgardeo Role attribute with our internal role claim.
Configure the “Role Configuration” as shown below. We are trying to map the “Asgardeo Role” attribute value against an internal role named “Internal/devicemgt-user” that is already configured inside the product.
Configure the” Federated Authenticators” as shown below. Replace the client-id and client-secret with your Asgardeo application’s credentials.
Configure the Just-in-Time provisioning to “Silent provisioning”.
Configuring Service Provider
Entgra MDM comes with multiple web applications. Each of these web applications will have a service provider created inside the carbon console. To view the service providers, navigate to the Service Providers page. For this tutorial purpose, let’s try to configure Entgra’s Endpoint Management application with Asgardeo. Edit the Endpoint Management application’s service provider from the Service Providers page. If you cant see the service provider, try to log in to the endpoint management application at least once through the following URL: https://localhost:9443/endpoint-mgt.
Under the service provider, change the Authentication type to “Federated Authentication” and chose “Asgardeo” as the identity provider.
Voila! Now, we have successfully configured an Entgra MDM application, to SSO with Asgardeo IDaaS. Now you can log in to the https://localhost:9443/endpoint-mgt application using Asgardeo.
I hope that you found this blog useful. If you have any questions, do reach out to us here.
The healthcare industry is one of the best examples where a multitude of devices are used daily by a large number of people, ranging from healthcare professionals to patients and visitors. Over the years the sheer number of devices used in the healthcare industry has grown and the Internet of Things (IoT) healthcare market is estimated to grow to USD 260.75 billion by 2027.
Increasingly, mobile computing devices such as phones, tablets, and portable computers are used to streamline certain administrative operations such as channelling/ appointment scheduling, report storage, set up self-service kiosks, and displaying information on doctors’ availability.
Devices used in this industry broadly fall within two categories – devices that are solely used for medical purposes and hospital operations, and devices used for patient entertainment purposes during their hospital stay (i.e. tablets with a range of apps that patients can use).
These devices, particularly those used for medical purposes and hospital operations, collect, store, and transmit sensitive personal data about individual health conditions and past medical records. Any data leak, whether accidental or in some cases deliberate, is costly both in monetary terms and reputational damage to the hospital or medical clinic. Moreover, the fact that many hospitals and medical clinics have BYOD policies adds a further level of complexity.
All these developments present a number of challenges to IT teams in this industry. For one, data security is of paramount importance. Secondly, these teams are responsible for device maintenance and oftentimes, this is a manual and time consuming task involving devices placed in many locations where a team member is required to be physically present. Thirdly, devices require frequent security and application updates, and monitoring. Finally, devices have to be replaced when they no longer function properly.
MDM Solutions Have the Capabilities To Empower IT Teams
This is where a Mobile Device Management (MDM) solution helps. Recently a large hospital chain that we worked with decided to use a MDM solution to securely manage all of the devices used across multiple hospital locations throughout the country. This hospital chain required the following:
Centrally managed system – for tablets, phones, and public signage units used for channeling, bookings, and other operational functions.
Automated updates – presently, security, OS, and app updates are performed manually.
Enhanced security – anyone who has access to a device gains access to all the system level settings. Since a majority of these devices are located within public areas, it was impractical to limit physical access.
Onboarding and authorization for devices – management software was not used for device onboarding and devices are connected to the hospital network for internal access.
Prevention of malpractices – eliminate instances where sensitive data is compromised on purpose by any employees and the separation of access for work-related use from personal use where employees use their personal devices.
After working with several vendors in the past, the hospital chain has identified their pain points and the ways through which data leaks can occur. Through Entgra MDM, we have been able to provide the following capabilities to address the hospital chain’s concerns:
Centralized device management
One of the greatest benefits of centralized device management is that IT teams can manage an unlimited number of devices that use varying operating systems (i.e. Android, iOS, Windows, Linux, etc.) using one technology platform.
Data security, access controls, and onboarding
A single technology platform also helps with device and data security. IT teams can use the MDM solution to enable authentication (MultiFactor Authentication or Single Sign On). This way, only authorized employees can gain access to devices for work related purposes only. This is particularly helpful when BYOD policies are in place.
Device lock-in
Device misuse and loss are common concerns in the healthcare industry. In the event that a device is lost or stolen, or of an attempted unauthorized access, IT teams can remotely lock the devices to prevent any data leaks.
Remote maintenance and monitoring
Device maintenance and monitoring are time consuming tasks, requiring many resources from the IT team. Using a MDM solution eliminates this need, as the IT team can now perform these tasks remotely, from any location and need not be physically present at the device locations.
Security, OS, and app updates
A MDM solution enables frequent security and app updates are installed in devices in real time.
The effects of the COVID-19 pandemic continue to loom over us. With hopes of opening countries and returning to normalcy, we take one step forward, only to fall back two, with tightened masks. It surely will be a while before life as we once knew it can be restored.
Thrust with incertitude at all levels from economic subsistence, vocational hardship, healthcare exigencies, and the unpredictability of life in general, our core existential strategy for the last two years has primarily been inclined towards that of basic survival centered around us as individuals, our close-knit families and communities, and the associated temporal assets. The pandemic epiphany has brought about drastic changes in our lifestyles, calling us to revise our priorities with a new reality check in life.
For business enterprises, this is bad news and has been so for the past two years.
The Trending Story InNumbers
As with every historical industrial revolution, the effects of the pandemic will shape the economic trends for the future. Unsurprisingly, there will be an evident increase in remote working. A recent Gartner poll found that48% of employees will likely work remotely at least part of the time after COVID-19 compared to 30% before the pandemic.Similarly, the McKinsey Global Institute estimates that more than 20% of the global workforce could work the majority of its time away from the office – and equally importantly, be just as effective.A consequent HR trend analysis by them indicatesthat 32% of organizations are replacing full time employees with contingent workers as a cost-saving measure. Prepped up for this, in a recent Gartner poll, 90% of HR leaders said employees would be allowed to work remotely even once COVID-19 vaccines are widely available.
As indicated by these statistics, we have embraced what worked well from the pandemic and are progressing forward retaining the lessons learned. There’s no going back now. Digitally enabled productivity gains have accelerated the Fourth Industrial Revolution powered by technology and defined by operational models that survived above the pandemic predicaments.
Remote Working or the ability to Work From Anywhere (WFA) is clearly here to stay. So is the hybrid work model as has been discovered in a recent HR trend analysis by Gartner.
Accordingly, the most favorable operational model driving business transformations in the predictable future is that of the Hybrid Work model where employees interact with each other with a mix of distributed, co-located premises synchronously, and/or asynchronously.
Your employees are now empowered with the choice of how best productivity is accomplished – your job is to ensure they are sufficiently equipped to do so.
Are We Ready? Fitting Device Strategy for Your Ecosystem
Managing a digital ecosystem of disparate devices on different platforms can be quite a challenge. Even more so are the conundrums involved with the smooth operation of digital systems whilst being caught unawares by the virus. It is therefore imperative that we make the most of what we have for continued existence of operations under the prevailing constraints.
In one of our recent undertakings, we set out to empower public field officers by helping them digitize their routine tasks. Whilst managing to effectively map the skill sets to devices and the appropriate technology during the project, we also analyzed and outlined how the government administrators in Sri Lanka can benefit from a centralized strategy to monitor and manage the devices deployed in the field.
Ideally, a complete device strategy is woven around the business requirements of the enterprise, its device engagement criteria, product building, operational efficiency, scaling potential, and the extent of available technical support. Value creation from a long-term perspective and sustainability of device deployment with integration are vital aspects to be considered for a productive device strategy.
With our varied Mobile Device Management (MDM) solutions and Internet of Things (IoT) technologies, Entgra can help you formulate the most fitting strategy for your enterprise. Our recommendations precede a comprehensive analysis of your device specifications, their functionality and configurations, defined ownership and administrative policies, pre-work device check, monitoring and their distribution, complete with a pilot run on device deployment in the field. As part of our assistance in managing your ecosystem, we will also help you with App development, identity and access management (IAM) and storage options.
Resilience and Agility: The Way Forward
Resilience, in enterprise terms, is a measure of your ability to swiftly adapt to disruptions while maintaining continuous business operations and safeguarding your employees, assets, and overall brand equity. Resilient organizations are better able to respond and correct their course quickly with changes.
Faced with the adversities introduced by the pandemic, enterprises that are actively taking measures to optimally tackle the changes are positioned with a competitive edge to be able to progressively move forward retaining most of their strength in vying to make the most of the situation.
Building a more responsive organization in terms of infrastructure and operational flow to increase agility and flexibility with room for flexing is therefore of utmost importance. This in turn translates into facilitating seamless workflows and remote working environments against a backdrop of changing and evolving technology usage, both by organizations and individuals.
Entgra offers you a single platform for device integration with comprehensive endpoint management capabilities where you are able to expose devices as APIs securely with identity federation for managing human and device identities. Enabling custom integrations with broad built-in capabilities, and for developing end-to-end applications, our secure, customizable platform can manage all types of devices and applications. Complete with device and endpoint data analytics for systematic decision making, our IoT platform together with our Enterprise Mobility Management (EMM) solutions will enable you to remain resilient, relevant, and flexible to respond to present and future changes.
Get in touch with us to learn more about how we can help you.
