No Matches Found!
Try with a different search term
Hi
I would like to know, how do I get noticed as an admin, when a client is switched off his mobicontrolled mobile, then removed SIM card, then used it somewhere personal. After that inserted back to the original mobile and Switch ON. He might have drained the data package on SIM which Mobicontrol not aware, because all these done while the mobicontrolled mobile is switched off.
How we can address this issue?
Thank you for your input.
You can use alert rule(s) to detection SIM card change/removed/inserted events if the Mobicontrol device agent remains in enrolled state (and not switched off allowed by some insecure policy configurations or in some insecure enrollment modes). When the device eventually get online, the alert will be triggered, though may have been delayed for quite some time.
If the device has the MobiControl device agent disabled/unenrolled by end-user who intend to use the device as a personal device without MDM control, the best defense is to use a server-side out-of-contact alert rule to alert administator about device which hasn't been synchronizing status with the server for a few days or for 2-3 weeks. As the default scheduled sync interval is every 2-hour (which can be reconfigured to be shorter in Advanced-Configuration), it is very unlikely that a device can get sync'ed for such long period of time if it is powered up and used normally during office hours. Some exceptions can be an end-user who has been off for a long vacation, or an end-user who keep the device off in a locked drawer because he/she does not need the device for any work-related tasks. With such OOC alert rule configured, an administrator can at least get email from the server about potential device with possible problem.
On Android devices, one can also deploy a device-side OOC policy with one or more time thresholds to tighten control on the device if it has not been sync'ed to the MDM server for predefined time period(s). As the associated scipt(s) for tightening actions are pre-pushed to the device, a device intentionally made offline for extended period of time can still be protected. However, this of course won't work if the MobiControl device agent has been disabled/unenrolled. That's why company-owned devices that do not intended to be converted to personal use should NOT be enrolled in the less protected enrollment modes in which the Mobicontrol device agent can be disabled/unenrolled or the device can be factory-reset/wiped without being automatically re-enrolled back to the secured state (using mechanisms such as Google Zero-Touch-Enrollment, Samsung KME, Apple DEP/ADE, etc.).
Hi Basheer,
I agreed Raymond's answer that alert rule(s) to detection SIM card change/removed/inserted events will help.
Please try and update us.
Shouldn't the device, netherless which SIM is inserted, connect to your Mobicontrol?
So, the device should be visible as online and just showing up the SIM card changed in the log which can shown to you as Raymond still wrote with an Alert Rule.
You can also see in the Android menu the mobile data used from the (original) device.
So, if mobile data left on the SIM doesn't compare to the used data on the mobile device itself, you have the proof that the mobile data was used somewhere else.
