Android Enterprise
Android

Full Device Management Using Android Enterprise

Android Enterprise is a comprehensive program developed by Google that facilitates the integration of Android devices and applications into the enterprise environment. The initiative provides developers with a range of application programming interfaces (APIs) and tools to help them build enterprise mobility management (EMM) solutions that incorporate support for Android devices. Essentially, Android Enterprise is a set of resources and services that enable businesses to secure, manage, and deploy Android-based devices and applications in a more streamlined and efficient manner, while maintaining the necessary level of control and compliance.

Full device management using Android Enterprise

Most of us might have come across ticket-booking kiosks in movie theaters, token-booking kiosks in hospitals etc. For developing such platforms, the android enterprise platform offers an effective solution, which is Full Device Management using dedicated(company-owned) devices.

Such solutions can be used in employee-facing apps development. It includes inventory management, field services management, transports and logistics etc. Moreover, it can be used in customer-facing applications like digital signage, hospital check-ins, and other kiosk-based solutions.

EMM Console

EMM console is an admin dashboard that we can build by making use of the Android Management API. By using this console, the ITadmin can perform various tasks. It includes managing their organization, managing their management policies, managing their devices etc.

Android Management API

The Android Management API is a powerful tool that facilitates every stage of enterprise mobility management. With this API, businesses can seamlessly manage Android devices, from the moment the customers enroll this to ongoing device management.

Using the API, businesses can generate device enrollment tokens and set up management policies in their console. These tokens allow customers to enrol their devices and apply relevant management policies. On the backend, the console utilizes the Android Management API to create enrollment tokens, policies, and other management resources.

During device enrollment, the Android Device Policy companion app is automatically installed on each device. The API is useful for linking management policies to each device, ensuring that policy settings are automatically enforced on the device via Android Device Policy. This allows businesses to efficiently and securely manage their Android devices throughout their lifecycle.

Android Management Policy

An android management policy is an important part of android device management since it decides how an enterprise-owned dedicated device is managed remotely by the IT admin. All the device behaviours like a list of apps to be whitelisted/blacklisted, kiosk settings, status bar setup etc can be controlled remotely by using the policy under which a specific device has been enrolled.

Once we set up a policy, we need to associate/provision a device using this policy. Once a device has been provisioned using a certain policy, the hence enrolled device will function as per the set of instructions of that specific policy. We can edit/modify a policy using a wide range of API endpoints provided by android management APIs

How to create an enterprise and enroll devices into your android enterprise?

We can make use of the following google colab link to quickly start an android enterprise project and subsequently enrol devices to your enterprise

First , head over to the link >> https://colab.research.google.com/github/google/android-management-api-samples/blob/master/notebooks/quickstart.ipynb

The next thing that you need to set up is a Google Cloud Platform project. All the other resources that we build like enterprises, devices, and policies will be part of this project.

You can create a project in the Google Cloud Console like below

  1. Go to the Cloud Console.
  2. Click CREATE PROJECT.
  3. Enter your project details, and then click CREATE.

Once done, take note of the project ID, return to the colab and paste the  project ID in the box which says cloud_project_id.

And run the block by clicking the run/play button on the left.

Now, run the next block to start the authentication process, on successful completion of which, we will be able to run the block to create the enterprise.

Once we run the enterprise block we will receive the enterprise name associated with your project, which we will need to paste in the box where it says enterprise_name, after which we will need to run the corresponding block.

At this point, we have created the enterprise. Also, we are now ready to set up the policy which will govern how the enrolled device functions.

Creating a Policy

Once we have completed execution till the enterprise creation block, we need to now edit our policy. Inside this policy we can apply various features. This includes mention kiosk settings, status bar settings, mention the apps which need to be pre-installed as soon as a device gets enrolled etc. In the colab, you can edit the field install type to your app package name to make your app force install to the device as soon as the device is enrolled.

Device Enrollment

After successful policy creation, we can run the subsequent block, which will generate a QR code. We need to scan this code on device’s android management QR code scanner. 

To do this follow the below steps

  1. Turn on a new or factory-reset device.
  2. Click on the same spot on the welcome screen 6 times to enter QR code mode.
  3. Connect to a WiFi network.
  4. Scan the QR code

Once the QR code is scanned successfully, our device will get provisioned using the policy settings that we created before. This will also force install our app to the device automatically.

Conclusion

Once the device enrollment process is done, our device is now ready to be run as a full enterprise-managed device which can be monitored and managed by the enterprise’s EMM console. You can now use the EMM dashboard to remotely configure the settings for the enrolled devices remotely.

Perfomatix | Product Engineering Services Company