Microsoft has recently released a major update to the Windows Update catalog back-end, adding crucial information such as CVEs (Common Vulnerabilities and Exposures) addressed by the update and the CVE Score directly info API. This information is essential for Threat and Vulnerability Management decisions as well as Patch management and many organizations pay $$ for... Continue Reading →
Integrating Workspace ONE reporting with PowerBI
Last week one of my customers asked if Workspace ONE data could be used in PowerBI. Since Workspace ONE Intelligence Reports are included in every WS1 edition and are accessible via API - this is the easiest way to expose data to external systems. But how exactly? Even though I've never used PowerBI before, after... Continue Reading →
Adding FIDO2 + Windows Hello fingerprint auth to Workspace ONE
This will be a short "recipe" type of post on how to showcase a new feature that was introduced in latest Workspace ONE Access SaaS release (sorry, no news for on prem now): FIDO2 auth. The video shows Yubikey, which I don't have, so I will be using Windows Hello (which in turn will use... Continue Reading →
App version management in Android Enterprise – Managed Play Closed Tracks and their nuances
If you think my titles are wordy, check the official title of good old Robinson Crusoe! Anyway, today we will look at two important things: Using Managed Google Play feature called Closed Tracks to control app versions and update cycles in two scenarios:Multiple "deployment rings" for different device groupsDeveloper having customers with different update cyclesImportant... Continue Reading →
Device Compliance with Identity Manager – the less obvious implementation details
Everyone likes the idea of Device Compliance checks. It allows us to differentiate between Company-issues, BYOD-enrolled, private and totally foreign devices, assess their security posture and execute access decisions based on this vital data, expanding our Conditional Access options. It is also extremely easy to use, just like that (VIDM Admin Console): Device Compliance can... Continue Reading →
Google Play Managed iFrame in Workspace ONE UEM (AirWatch) – App Collections
In two previous posts dedicated to the Managed Google Play iFrame we have covered Private Apps and Web Apps. The last feature of the iFrame interface is called Collections and allows you to organize the Work Play Store app layout, as well as shoot yourself in the foot a few times... As usual, the Collections... Continue Reading →
Google Play Managed iFrame in Workspace ONE UEM (AirWatch) – Private Apps
In this post I will show a simple way to manage Private (Internal) Android Applications in Managed Play Store with WorkspaceONE UEM (AirWatch) using the Play Store Managed iFrame. This is important since it's basically the only way to push Private apps to Android Enterprise Work Profile or COPE devices. Android Enterprise is awesome, but... Continue Reading →
Securing work contacts while keeping caller ID 03: iOS with Boxer
I had a week of customer meetings, each (literally!) asking the same question: "How can I prevent WhatsApp from grabbing the corporate contacts on my device?" In this series of posts we will explore the options of deploying corporate email/contacts/calendars with the goal of maximal work/personal contact separation, while trying to minimally impair the user... Continue Reading →
Securing work contacts while keeping caller ID 02: Android
I had a week of customer meetings, each (literally!) asking the same question: "How can I prevent WhatsApp from grabbing the corporate contacts on my device?" In this series of posts we will explore the options of deploying corporate email/contacts/calendars with the goal of maximal work/personal contact separation, while trying to minimally impair the user... Continue Reading →
Securing work contacts while keeping caller ID 01: Android vs iOS
I had a week of customer meetings, each (literally!) asking the same question: "How can I prevent WhatsApp from grabbing the corporate contacts on my device?" This happens more often than you think – the infamous GetContact collected over 3.5B contacts in just a few months, all of which were officially available for sale! With GDRP... Continue Reading →