Mobile Device Management
Microsoft Intune Mobile Device Management (MDM) is a solution that helps to improve information security in mobile phones and the information systems used by the Universities community. The solution consists of an app running on an Android phone or an iPhone, and a management system running on a cloud service.
For the sake of simplicity, the instructions for MDM only discuss phones. However, the same system is applied also to Android tablets and iPads, and the instructions of Android phones and iPhones work on them. This management solution does not concern computers, i.e., workstations.
MDM must be deployed on all phones owned by the employer.
The deployment concerns employees and those resource agreement holders that have received a phone for work use from employer. A student has to deploy MDM only if she is also an employee.
MDM also works in phones that have two SIM cards, that does not make any difference to MDM.
- Access to the phone is protected with good security settings, most importantly the security code (PIN) and screen lock time.
- Work-related data in the phone is protected with secure apps whose data is protected by encryption; the data may also be erased remotely if the phone is lost.
- Information systems used by the Universities community are protected against phones that do not have sound security settings.
- New phones and phones passed on to a next user are protected against theft and misuse.
- The device register is kept up to date, enabling the IT services to provide a better service when you request it.
- Your own apps and data will remain as they are. The only change is that in Android phones apps can be installed only from Play Store.
Good information security must be maintained also in users' own phones. That is why employees have to deploy MDM on those phones which they want to use for running M365 apps (such as Outlook, Teams, Office, OneDrive) or accessing the same services with a browser.
Services that use HAKA sign-in (such as Intranet, Sisu, Moodle, Wiki, Promid, eParking, SportUni, Andor, M2 Blue) do not require MDM.
MDM controls only some security settings and a small set of new apps installed for working. MDM has only minimal impact to the usage of your own phone:
- MDM can access only very little identification information in your phone: phone manufacturer and model; version of operating system; name of user; name, serial number and IMEI of the phone; last four digits of phone number; apps installed by MDM.
- MDM cannot ever access your own data, files, apps or location in any way.
The employees of IT Services comply with strict information security and professional ethics. The work of the maintenance personnel is closely regulated in IT Service Maintenance Policy and in Log data policy. We follow naturally Principles of Good Governance at Tampere University, in which data protection and information security are the most relevant in this context. Your data is secured in good hands.
Deploy MDM according to instructions on the following page on those phones which you want to use for using M365 services:
If you have just received a new work phone in which the deployment of Intune MDM starts automatically when you turn on the phone, deploy MDM according to the instructions on the following page:
The following instructions advise how to use MDM in an Android phone.
Intune MDM changes only very little the usage of an iPhone. For iPhone, please study the iPhone guide found on the page MDM - Instructions for phone in use to find instructions how to install work apps and how to set settings in the phone.
0294 520 500
it-helpdesk [at] tuni.firel="nofollow"