Skip to table of contents

    MDM for using government mobile apps

    What is MDM?

    Mobile Device Management (MDM) software in the NIC Email Services helps to install government work applications such as Mail, OneAuth, etc., in the users' mobile devices safely and securely. 

    Why is MDM required?

    1. The Government mobile work applications such as Mail, OneAuth etc., will not be available in the public Appstore/ Playstore from where usually you download applications.
    2. This is done to prevent the spoofing of these applications and keep a check on the download of random look-alike applications from the internet.
    3. Hence, the distribution and installation of the applications is done through MDM in the devices enrolled for the purpose.

    Will MDM monitor my personal mobile space and applications?

    1. No, the MDM application will not monitor users' mobile behaviours.
    2. It only binds the users' device details with their account that is used to enroll their device for securely installing the government work applications. 

    Primary purpose of MDM

    1. To install government work applications such as Mail, OneAuth, etc., securely.
    2. To auto-update applications to keep them secure.
    3. To remote-logout from the work applications in case of device loss or theft.
    4. To  enforce strong pin/ password for the work applications installed via MDM.

    What data is collected?

    1. Serial Number (for iPhones and iPads only)
    2. Device IMEI (for iPhones and iPads only)
    3. List of government work applications installed via MDM

    This data is mandatorily required by the NIC enrollment services to successfully complete the device enrollment process.

    What data is NEVER collected or monitored?

    1. Pictures / videos from your gallery will not be accessible
    2. Browsing history will not be monitored
    3. Call logs and call recordings will not be monitored
    4. Text messages will not be accessible
    5. List of apps you use personally will not be scanned
    6. Saved passwords in personal space will not be accessible
    7. Data or documents maintained in personal apps will not be accessible
    8. Any other data or activities in your personal space or applications will not be monitored or accessed.

    Permissions required by the MDM app on Android phones and Tablets

    MDM app on Android requires the following permissions during device enrollment:

    • Camera - to scan QR code to enroll with NIC eMail MDM services
    • Notifications - to notify you about enrollment completion

    Other permissions will not be required or prompted to you.

    Device Enrollment Procedure

    Common Prerequisites

    1. Please ensure that you have proper connection to internet on your device.
    2. Make sure your work laptop or desktop is available with you so that you can login to NICeMail from the computer browser where the enrollment QR code is available.
    3. In general, all iPhones and iPad devices are supported. Most Android models are supported, unless they are very old. 

    Device enrollment for Android devices

    Note: 

    • The enrolling device must be running Android OS version 6.0 or later versions.
    • Android devices come in various models and brands such as Samsung, Panasonic, Vivo, Motorola, Lenovo, Oppo, OnePlus, and more.
    • However, some device models are tested and recommended for official use where work data is secure. They are termed as Android Enterprise Recommended devices. You can check if your device model is listed here.
    • It is strongly recommended to use one of these device models to enroll and access Gov Mail and official apps.

    Follow the below steps to complete device enrollment on Android devices:

    1. Download the ManageEngine MDM App from Google Play Store.
    2. On your work laptop/desktop browser,
      • Log in to https://mail.gov.in/ and click your profile picture in the top right corner.
      • Go to Mobile Apps and click the Android button to view the QR Code for enrolling Android devices.
    3. Open the  ManageEngine MDM app downloaded on to your device.
    4. Click Scan QR Code to enroll your Device.
    5. Click Proceed and follow the onscreen instructions to set up your work profile.
    6. Wait till your work profile gets created. You will receive a notification about enrollment completion. 

    Once the enrollment is finished, Gov Mail and Gov OneAuth apps will be installed automatically. You can access the downloaded apps in your phone's work profile section.                   

    iPhone and iPad device enrollment steps

    Note:

    • All iPhone and iPad device models with any of the following minimum OS versions:
      • iOS 7.0 and above
      • iPadOS 13.0 and above
    • Note that iPad devices can run either iOS or iPadOS depending on the device model.
    • You can check your device OS version using the following steps: Open Settings -> General -> About. You can see the iOS or iPadOS version number here. 

    Follow the below steps to complete self-enrollment on iOS devices:

    1. On your work laptop/desktop browser,
      • Log in to https://mail.gov.in/ and click your profile picture in the top right corner.
      • Go to Mobile Apps and click the iPhone button to view the QR Code for enrolling iOS devices.
    2. Open the camera app on your iPhone and scan this QR code to start enrolling the device. Make sure to open the link in Safari browser.
    3. Click Download profile to download a configuration profile and click Allow when prompted.
    4. Once the profile is downloaded, open the settings app on your device and select the downloaded MDM profile at the top of the settings listing.
      • If you can't find it, navigate to the Settings > General > VPN & Device Management section in your device and select the downloaded profile.
    5. Click Install in the installed profile page.
    6. When prompted, Do you trust this profile's source to enroll your Iphone into remote management?, click Trust

    Your device is now successfully enrolled. You will automatically receive prompts to install Gov Mail and Gov OneAuth apps. If not, you can manually download the Gov Mail, Gov One Auth and other desired apps from the App Catalogue downloaded in your device. All the installed apps will be available in your mobile's apps section. 

    Device Unenrollment

    Note

    Unenrolling your device will delete Gov Mail and official apps and data from your device. If you are using OneAuth MFA then please note that if you remove OneAuth, then you may lose access to your email account on all devices!

    It is not recommended to unenroll devices on your own without setting up a new device with OneAuth properly. Please contact your IT Helpdesk at helpdesk-email@gov.in if you are considering switching to a new device or no longer need access to official apps and data on this device.

    Please refer to our MDM device enrollment FAQs & Troubleshooting guide for more answers to common questions and solutions to issues during the Device enrollment process.

    PREVIOUS

    UP NEXT