IBM MaaS360

 View Only

Improved action execution times in Direct Boot Mode for Android devices managed by MaaS360

By Anish Kothari posted Fri September 20, 2024 01:22 AM

  
 

Direct Boot Mode

In 2016, with Android N (Nougat/7.0), a specialized environment called Direct Boot mode was introduced by Google for the Android OS.
Once an Android-powered device is switched on, it boots into Direct Boot mode before the user unlocks it with their screen lock authentication mechanisms for the very first time. In this specialized mode, while the OS is fully functional, access to any app’s private data is fully restricted and only apps that have been updated to be Direct Boot aware are allowed to run. 

Subsequently, for effective device management, MaaS360 had provided support in Android Enterprise solution sets for the following actions to be executed in Direct Boot Mode.

  • Reset Password - This action helps in quickly recovering a device and preventing loss of productivity when the end user has forgotten the password or has been locked out because of multiple incorrect attempts.

  • Wipe - In scenarios where the device is deemed to be lost/misplaced/stolen, a remote wipe can be triggered to help reduce the risk of leaking corporate data.

Existing Behaviour

Both the Reset Password and Wipe device actions would get executed in a time window of 0 - 4 hours depending on when the action was initiated as well as when the device booted into the Direct Boot mode. This relatively high execution window was because although Google introduced Direct Boot Mode several years ago, there was a lack of support for FCM (Firebase Cloud Messaging).
FCM is the default messaging channel used for server-to-device communications on Android devices. Because of this constraint, the MaaS360 agent on the device could only execute any queued actions on the device after a successful periodic sync with the MaaS360 portal.

Improved Behaviour

After a wait spanning several years, Google has finally added support for FCM in Direct Boot Mode. MaaS360 now leverages this enhanced functionality to deliver both Reset Password & Wipe actions in near real-time on target devices. Once the action is enqueued and the device is online with good network coverage, the actions will be executed within a few minutes.

Prerequisites

  • MaaS360 Android Agent 8.65 or higher

  • Target devices must be compatible with Direct Boot mode

  • Target devices must be online with adequate network coverage

0 comments
55 views

Permalink