Hi Kelvin,
In my opinion, if you want to secure the company's data, you should use the MDM app.
As you're working with the owner's the devices, you should make them aware that they are accessing company data on their personal device and that it's not more than normal to secure it.
On the other hand, you should create a BYOD policy which protects the company's data, but doesn't touch any other aspect of the users' devices.
Also think about the users' privacy and disable Maas360 localisation and eventual other things that might disturb users.
Afterwards, you create a document which briefly, but clearly explains what the MDM does on their device, which you hand to the users so they can understand all what's going on.
If some do not agree... then that's their problem and they don't have to ask to use the company's mail on their device...
With the Verse app only, you can do some securisation using a Traveler policy, but potentially not enough for your security matters.
Hope this helps you choosing.
------------------------------
Thibaud Maes
------------------------------
Original Message:
Sent: 02-26-2019 10:36 PM
From: kelvin chan
Subject: Use MaaS360 with IBM Verse for staff's own mobile devices to increase security
My company is going to allow all staff to install IBM Verse (to access work email in company's IBM Notes Traveler Server) on their own mobile devices. Before that mobile device management must be implemented to increase security.
MaaS360 is one of the considerations for mobile device management. We are evaluating it to our environment, and having some quires:
As per "IBM MaaS360 Mobile Device Management (MDM) Installation Guide Version 2, Release 2', devices can be managed by an agent installed on the device or through platform-specific management tools. We prefer the latter solution that devices will be managed through platform management tools using the IBM MaaS360 Cloud Extender, meaning NO agent (the IBM MaaS360 MDM apps) will be installed on staff's own mobile devices. (we would like to avoid installation of any additional apps on their own mobile devices)
Nevertheless, as per https://www-10.lotus.com/ldd/dominowiki.nsf/dx/Using_MaaS360_with_IBM_Verse_for_Android_devices", "MaaS360 MDM for Android v5.0 application, and/or MaaS360 MDM for Samsung v5.0 application" is a minimum requirement for using MaaS360 with IBM Verse for mobile devices. That means an agent inevitably has to be installed, even though IBM MaaS360 Cloud Extender is installed?
Or put it this way, for IBM Verse application for mobile device to be managed by MaaS360 Mobile Device Management, the following 3 main components are sufficient? (without the MaaS36 agent to be installed on staff mobile device) 1) IBM Verse application on staff mobile device, 2) IBM MaaS360 Cloud Extender in corporate network/DMZ, 3) IBM MaaS360 Virtual Appliance in corporate network/DMZ
------------------------------
kelvin chan
------------------------------