Developing a Custom MDM Solution with Enhanced Data Security

Description

Our client is a US-based company providing communication services to organizations with strict data security requirements. They needed a tamper-proof MDM solution with enhanced data security and limited device management capabilities for end users. The client also requested that this solution include a centralized admin panel and a custom marketplace similar to the Google Play Store.


Challenge

The client needed a tamper-proof MDM solution with enhanced overall data security and limited device management capabilities on the part of the end user. They also requested a centralized admin panel for managing and auditing all tablets with the MDM solution installed. Additionally, our client decided to implement a custom store-like service with a rich selection of safe and useful media content. This would help them expand the range of services they could offer their end users.

Throughout the project, the team had to handle two major challenges:

1. Ensuring smooth integration without access to tablet firmware source code

This project relies on custom tablets manufactured by a third-party vendor. Unfortunately, the client’s vendor refused to provide us with access to the tablet’s firmware source code and insisted on implementing all firmware changes themselves. Furthermore, the speed and quality of the vendor’s work didn’t always meet our expectations. We overcame this challenge by configuring an Android 9.0 environment that mimicked the known parameters of the custom firmware. Based on our analysis of this environment and its behavior, we composed highly detailed requests for the third-party vendor’s team to implement.

2. Addressing issues caused by the Firebase Cloud Messaging protocol

Based on the initial information we had about the project, we decided to implement device–back end communication using the Firebase Cloud Messaging protocol. However, when we started implementing this solution, it became obvious that the Firebase Cloud Messaging protocol wouldn’t fit the needs of the product. Our developers dealt with multiple integration issues, such as undelivered device commands and failed Firebase connection attempts. While we have found quick fixes to these issues, such as implementing a command delivery confirmation mechanism, these measures are temporary.
To ensure flawless performance of the MDM solution in the future, we’re now evaluating other communication protocols. We plan to switch to Azure IoT or Ably with the release of a new product version.


Solution

The development team included Android, frontend, and backend developers as well as quality assurance specialists. We analyzed possible scenarios for mobile device management implementation that would meet all of the client’s requirements. We discovered that the only way to build the solution our client wanted was to change the device firmware. Therefore, we offered to customize the tablet firmware so that it:

- Prevents users from rebooting, resetting, loading in safe mode, or turning off the device
- Disables user access to device settings
- Prevents users from establishing any unauthorized internet connections
- Provides admins with access to managed devices via the admin panel

