Users of your Syncplicity account can install the Syncplicity application on the following devices for mobile device management (MDM):
- Windows desktop
- Mac desktop
- Windows 8
For the supported versions of each operating system, see Supported platforms.
The following topics describe options for managing devices with the Syncplicity app.
Syncplicity Admin Console
The Syncplicity Admin Console is the only management application that addresses the Syncplicity app or client on all supported platforms.
You can monitor and manage each device that has a Syncplicity client or mobile application installed and is used to access your company’s Syncplicity account. These devices appear in the Manage Devices screen, which you can access by clicking admin in the console bar then devices.
The Manage Devices page displays the device name, owner, type of device, the last time the device was online, and the version of the Syncplicity client. The columns are sortable. For an account you can rename desktop devices or remove devices.
If using MobileIron or AirWatch to manage devices, you still can use the Manage Devices page to remote wipe and remove devices from the Syncplicity account. However, best practice is managing those devices via the MobileIron or AirWatch console.
MDM with AirWatch and Intune
You can use VMWare AirWatch and Microsoft Intune to manage the Syncplicity app for Android and iOS. This helps organizations give users access to corporate applications, data and resources from the devices of their choice.
The Syncplicity app supports native integration on iOS using App Configuration for Enterprise (ACE) and on Android using Android for Work. App wrapping or SDK integration is not necessary.
The Syncplicity app supports the following functions when managed by AirWatch or Intune using ACE or Android for Work:
- Single sign-on (SSO). You can auto-authenticate using email addresses and web view. You can pass the email address to the app using the custom configuration of ACE or Android for Work. The Syncplicity app receives this configuration and uses it to authenticate. SSO authentication is allowed using Kerberos and certificates.
- Data leakage prevention by controlling the Syncplicity Open In function. You can prevent users from opening files in the Syncplicity app from other unmanaged apps. The reverse also is true: preventing the Syncplicity app from opening files in other unmanaged apps.
- Control of camera access and screen capture features.
- Access control to prevent access to unmanaged apps.
- App version control and deployment.
Note: All Syncplicity policies from the Syncplicity console continue to work as normal, except an MDM administrator can disable policies as described below in "Supported features for AirWatch and Intune."
See the following topics for more information about MDM.
- Managing iOS devices using AirWatch
- Managing iOS devices using Intune
- Managing Android devices using AirWatch
- Managing Android devices using Intune
Supported features for AirWatch and Intune
AirWatch and Intune integration with Syncplicity supports the following.
- Pin login domains. A mobile device management (MDM) administrator can create a whitelist of one or more comma-separated email domains. Only accounts with user IDs ending in these domains can log in via the Syncplicity mobile app. The Syncplicity mobile app honors this control.
- Login with browser. An MDM administrator can control whether the end user can use the OS default browser or in-app webview for SSO login or only use the in-app webview for SSO login. The Syncplicity mobile app honors this control.
- Syncplicity Open-In policy. A Syncplicity administrator can prevent or allow opening of files by users from Syncplicity into other apps. An administrator can override this Syncplicity policy for MDM-managed devices and directly control Open-In (allow, disallow, whitelist). If the administrator does not override the Syncplicity policy, they still can specify Open-In control. However, the applicable policy is more restrictive than the Syncplicity policy.
The following passcode policies are supported.
- Enforcement policy. A Syncplicity administrator can prevent or allow entering passcodes by users to access the Syncplicity app on their mobile devices. An MDM administrator can override this Syncplicity policy for MDM-managed devices and directly control passcode.
- Failure policy. A Syncplicity administrator can prevent or allow wiping data after repeated passcode attempts by users. An MDM administrator can override this Syncplicity policy for MDM-managed devices and directly control data wiping.
- Timeout policy. A Syncplicity administrator can set a passcode timeout with a specified time. An MDM administrator can override this Syncplicity policy for MDM-managed devices and directly control passcode timeouts. This requires users to periodically re-enter their Syncplicity passcodes or always enter their passcodes when switching to Syncplicity.
- Allowed attempts. A Syncplicity administrator can specify the number of app passcode failures before wiping data. An MDM administrator can override this Syncplicity policy for MDM-managed devices and directly control the number for app passcode failures.
- Timeout minutes. A Syncplicity administrator can set passcode timeout policy. An MDM administrator can override this Syncplicity policy for MDM-managed devices and specify the number of minutes for the passcode timeout policy.
You can use the MobileIron console to manage the Syncplicity apps for Android, iPhone and iPad.
The Syncplicity app for Android is a MobileIron AppConnect-enabled app. This allows the Syncplicity app to support MobileIron AppConnect, Sync and Security policies to protect and manage the Android device. The AppConnect version of the Syncplicity app is available only from the Syncplicity admin console Downloads page.
The Syncplicity apps for iPhone and iPad also are MobileIron AppConnect-enabled apps. However, users can download the app from the Apple App Store. The iOS Syncplicity apps support normal and MobileIron managed modes.
The Syncplicity apps support the following MobileIron functions.
- Passcode control, where the same passcode is used for all MobileIron managed apps.
- Data loss prevention policies by controlling Open and Copy-Paste within managed AppConnect apps.
- Control of camera, gallery, screen capture and video functions.
- MobileIron secure email and browser, used to share content only among AppConnect apps.
- Data encryption and storage in the secure AppConnect container.
- Access control to external storage devices, such as SD cards.
- Wipe data in Syncplicity as well as retire the device.
- Allow the Syncplicity app to connect servers behind firewalls using MobileIron’s Advanced AppTunneling feature.
Note: All Syncplicity policies from the Syncplicity console continue to work as normal, except the mobile passcode enforcement policy, as the passcode is received directly from MobileIron Apps@Work.