Mobile Device Management (MDM)

Windows MDM

The JumpCloud platform has officially integrated Windows Mobile Device Management (MDM) with the JumpCloud agent. This new integration provides a wealth of management possibilities for IT organizations seeking a Unified Endpoint Management (UEM) experience, offering a stable, robust, and competitive Windows device management solution utilizing standard enrollment and management protocols.

IT Admins can enable streamlined user-led device enrollment experiences for end users on Windows MDM. Tamper-proof security features ensure that users can’t remove the JumpCloud agent or MDM. 

Apple MDM

Remote onboarding with JumpCloud is fast and secure. JumpCloud’s Zero-Touch Onboarding lets you customize the screens your users see and then automatically assign the user to a company-owned device. The device can be shipped directly to the employee who turns on the device, authenticates with JumpCloud credentials, and is immediately up and running. If you can’t use Apple’s Automated Device Enrollment, there are other ways to enroll devices in MDM.

You can also create customized policies to automate device enrollment, manage local firewall settings, disable guest accounts, manage App Store access, and perform other security considerations. You can apply these configurations to one device or user, or groups of devices or users.

JumpCloud supports several types of MDM enrollment for these device types:

MacOS devices:

  • Apple’s Automated Device Enrollment (company-owned)
  • Device Enrollment (company-owned)

iOS and iPadOS devices:

  • Apple’s Automated Device Enrollment (company-owned)
  • Device Enrollment (company-owned)
  • User Enrollment (personal iOS and iPadOS devices only)

Android EMM

As a JumpCloud IT Admin, you and your end users can enroll and can monitor Android devices and apps in your organization and control these devices. JumpCloud’s Android EMM solution provides flexibility for your users by allowing them to work securely remotely and access company files, directories, work apps, and other data.

Android EMM uses a work profile, a separate self-contained space on the device that stores corporate apps, data, and management policies. The work profile ensures that the same device can be used securely for work purposes or for personal use. A user’s personal apps and data remain on the device's primary profile and are never accessible or visible to the IT Admin or the EMM.

JumpCloud supports these types of Android devices and enrollment:

  • Company-owned devices:
    • Mixed Use – A work profile can enable work and personal use on a company-owned device. Your organization can have full control of the apps, data, and settings in an encrypted work profile, and can enforce policies to control settings for WiFi and block USB file transfers or disallow software apps that apply to a device’s personal data. Any personal data on a company-owned device isn’t visible or accessible to your organization.  
    • Fully Managed – The device is used exclusively for work and you control and manage the entire device. This device does not use a work profile.
    • Dedicated – This device is a subset of fully managed devices and is used for simple workflows. You can lock down the usage of the device to a single app or small set of apps, such as ticket printing or inventory management. This device does not use a work profile.
  • Personal devices – The Admin enables enrollment of a device owned by an employee, and the user enrolls the device via the User Portal. Work data and personal data are automatically separated.

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case