Protecting Enterprise Data with an Okta Mobility Management Managed Open-In Poli Skip to main content
https://support.okta.com/help/blogdetail?id=a67f0000000tvodiaw&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fblogdetail
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.

Protecting Enterprise Data with an Okta Mobility Management Managed Open-In Poli

Aug 21, 2015 | by Niki Vecsei in Mobile

Original Author: Arturo Hinojosa, Sr. Technical Marketig Manager, Okta

One of the top requirements for any EMM solution when enabling BYOD is being able to keep enterprise data separate from personal data. Traditionally, EMM solutions have done through containerization. While that solution technically works, it creates friction with both end users and developers. For end users, it may require them to access email and data through proprietary applications, instead of the apps the want to use (their preferred email client, Box, etc.). For developers and ISVs, it may require them to author EMM vendor specific versions of their applications, complicating releases and maintenance.

 

When Okta designed Okta Mobility Management, we set out to create a solution that did not require any one to implement an Okta specific SDK, or force end users to use apps they didn't want. Instead, we protect enterprise data using the native security libraries built directly into the OS. For iOS, we take advantage of the managed open in policy. Enabling managed open in is easy.

 

Open the Mobile policy editor in the Okta admin console. The Mobile policy editor can be found by navigating to: Security > Policies > Mobile

Okta Mobility Management Policies

 

 

From there, create or edit your mobile policy. This will launch the policy editor. In the policy editor scroll down to the DATA SEPARATION POLICY section. By simply checking the Deny unmanaged apps to open in managed apps check box for Open-in management setting, you can block unmanaged applications from appearing in the Open-in menu within a managed application. For example, a user cannot open or save a PDF attached to an email sent to a managed account in a personal app such as Facebook.

Okta Mobility Management has several security policies designed to help our customers offer BYOD to their end users without sacrificing security.

Comments