Mambo Knowledge Base
A leading provider of Enterprise Mobility Management (EMM) and the only EMM solely focused on the Android Enterprise ecosystem. As a Google Approved EMM Partner and Authorized Android Zero-Touch Reseller, Mambo is an end-to-end provider of enterprise solutions. The way we work and communicate is constantly evolving, which means we’re well-positioned to give businesses operating on Android complete control and peace of mind. Our mission is to provide businesses an efficient and secure mobility management solution to power all devices in their network. Stay secure, efficient, and agile with Mambo.
Mobile device management (MDM) is a device lifecycle management technology that enables IT to deploy, configure, manage, support and secure mobile devices through MDM profiles installed on the devices. MDM software provides asset inventory, over-the- air configuration of email, apps and Wi-Fi, remote troubleshooting, and remote lock and wipe capabilities to secure the device and the enterprise data on it. MDM is the foundation of a comprehensive enterprise mobility management (EMM) solution.
Mobile application management (MAM) technologies apply management and policy controls to individual apps instead of the entire device. MAM solutions typically offer a custom app store that enables control and delivery of both internally-developed and third-party apps. IT admins can add security, encryption and control to mobile apps using AppConfig Community standards or software development kit (SDK) or app wrapping solutions from the MAM provider.
Enterprise mobility management (EMM) is a device- and platform-agnostic solution that centralizes the management, configuration and security of all devices in an organization, both BYO and corporate-owned. EMM goes beyond traditional device management to include the management and configuration of enterprise apps and content.
A comprehensive EMM solution will include MDM, MAM, mobile content management (MCM), identity management for access control, and productivity apps for easy access to corporate email, calendar, contacts, content repositories and intranet sites. When done right, an EMM solution should supply both the technical capabilities to simplify management and security for IT as well as a pleasant user experience for the employee.
Unified endpoint management (UEM) enables IT to stop using separate tools to manage mobile, desktop and now Internet of Things (IoT) devices. UEM solutions provide a holistic and user-centric approach to managing all endpoints by combining traditional client management of desktop and PC systems with a modern enterprise mobility management (EMM) framework. A comprehensive UEM solution will enable IT to manage users and deliver a consistent experience across all endpoints, secure and manage the full device lifecycle, and do it all in a single, comprehensive platform.
Bring your own device (BYOD) is an IT policy that allows employees to use their personal devices for work purposes. EMM platforms enable organizations to implement a BYOD strategy without sacrificing security or employee privacy by providing separation of work and personal data on the device. This separation allows IT to manage and secure only the work data on an employee-owned device. If a device is ever compromised or when an employee leaves the company, IT can remove only the work-related data, leaving the personal items on the device intact.
“Corporate Owned, Single Use” (COSU) are very specific devices used for a single purpose, with pre-determined policies applied on the device. COSU devices are company owned, and have an advanced security layer which is managed and secured by the IT administrator.
Provides full device management and app management for granular control over company-owned devices. Choose from 80+ settings to enforce and benefit from Android’s full suite of app management features. This option is designed for devices intended primarily for corporate use.
Transforms company-owned devices into purpose-built devices. Lock them down to a single app kiosk or suite of apps to serve specific employee or customer-facing scenarios. Enforce an extended range of security policies to prevent users from escaping apps and accessing the lock screen.
Enables platform-level separation of work apps and data. Enterprises have control over all data and security policies within the work profile. Outside the work profile, the device remains suitable for personal use—ideal for BYOD deployments.
Zero-touch enrollment is a streamlined process for Android devices to be provisioned for enterprise management. … Android zero-touch enrollment offers a seamless deployment method for corporate-owned Android devices making large scale rollouts fast, easy and secure for organizations, IT and employees.
OEMConfig is a standard that enterprise mobility management (EMM) providers and OEMs follow in order to make these policies available to IT admins. OEMConfig can be used to add and customize the OEM-specific features for Android Enterprise devices. OEMConfig defined by Google that leverages managed configuration in Android to send device settings to apps.
Yes, Mambo offers a screen sharing and remote control feature so organizations can view and control the devices from a remote location.
Yes, devices can be enrolled one by one or in bulk. For individual enrollment, you will use a DPC_IDENTIFIER or QR code technique. For bulk enrolling, that is done through Android Zero-touch.
Yes, the devices need be factory reset (unless enrolling under Work Profile) to be enrolled and managed by EMM.
No, one device can be enrolled in only one policy at once. Admin can create multiple policies with different settings and permissions but assign only one policy to one device.
No, a device cannot be unenrolled by a user (unless it is enrolled as Work Profile device).
Note: It is recommended to block Factory Reset on a device.
Go to Settings > Accounts and select Remove work profile. Click on Delete to confirm the removal of all apps and data within the work profile.
Yes, users can temporarily turn on/off their work profile. Here is how:
From settings:
- On your device, navigate to Settings > Accounts > Work profile settings.
- Tap the Work Profile switch to turn it on or off.
From notification bar:
- Users can quickly turn on/off by sliding down the notification bar. Then, tap the Work Profile tile.
When your work profile is turned off, the work icon in the Quick Settings panel is dimmed and the system Settings app shows a message that lets you know it is turned off.
Note: Some of this information might not be the same on every device.
To “push” means to send data or configurations to an employee’s device without the employee having to take an action. We push security settings, application configurations, and profiles.
“Over the air” is a remote configuration with no physical connection between the mobile device and a computer. All data transfer occurs over wireless (WiFi or 3G). Devices can be provisioned, wiped, encrypted, and locked.
Yes, real-time tracking of device location is supported.
The Admin can locate the device in real-time, and lock down the device. Wiping the device of its data is also possible should it be suspected that it is in an unexpected/suspicious location.
The user must contact the ADMIN if a device is lost. The Admin will then have the ability to lock down and wipe the device.
Note: The user must ensure the device is backed up consistently to avoid losing any data on the device.
The corporate device should be returned to the manager. User’s personal devices will be un-enrolled from the EMM platform.
Currently, Mambo supports devices running on Android 7.0 or higher. Mambo will support iOS devices in early 2020.
Yes, Mambo supports public and private app management. Client will have access to the entire Play Store.
- Login into the Play Console.
- Choose the desired app and select Pricing and Distribution
- Navigate to “choose organizations” and add the new organization id.
- Private app will be available in your EMM’s Play account
- Yes. Within the Mambo admin console, select application Install Type as “FORCE_INSTALL” or block application uninstall.
- If a device is locked down to KIOSK, the user cannot uninstall the application by default.
Not directly, but once a device is enrolled in Mambo, Wi-Fi is the preferred method for connecting by pushing profiles.
Mambo is hosted on Microsoft’s Azure cloud infrastructure, with multiple locations in the U.S.A.
Policies are a set of rules configured by IT, used to secure, manage, and regulate the behavior of mobile devices. One example is a policy that blocks a device from enterprise resources if it is rooted or jailbroken. Policies can be applied.
You can associate users to either pre-defined roles or create roles and associate them. Additionally, you can modify the users, their roles and even delete them.
Yes, due to our multi-tenant structure, multiple users can be separated into different groups with different permission levels.
Once your account has been deactivated, all of the devices associated with that account are unenrolled from the Mambo portal and the devices will be factory reset.
Mambo can be purchased as either a perpetual license with an additional annual support fee, or as a monthly subscription that includes support.
We value user’s privacy. Therefore, this type of data is not accessible and remains private.
On BYOD devices, personal data and apps are kept separate and remain private. IT can only view the corporate/work profile installed on each device, which includes data such as:
- Device model
- Device IMEI
- Device serial number
- Device manufacturer
- Operating System and version
- All applications installed on the work profile.
Please Provide Further Details