nextcloud / server

☁️ Nextcloud server, a safe home for all your data
https://nextcloud.com
GNU Affero General Public License v3.0
27.29k stars 4.06k forks source link

Mobile Device Management (MDM) Integration Features for the Enterprise #154

Closed b1ggjoe closed 2 years ago

b1ggjoe commented 8 years ago

@LukasReschke and Team,

Following up on a 'closed' issue here: https://github.com/nextcloud/server/issues/144

Since we're looking at bringing some of the more 'Enterprise' features to Nextcloud, what about the topic of integrating with MDM or Mobile Device Management platforms such as:

Within the circles that I travel, I work with MANY Enterprise customers (Commercial, Education, Government, you name it).

One of the single most important topics that they have to deal with is BYOD strategies. Many organizations are having a difficult time on whether to provide 'company-issued' mobile devices and/or provide the venue for employees to bring their own smart phones or tablets and provide a way to allow them to leverage their devices to access and utilize company data.

The largest single fear, is how to safeguard and secure company data from employees who leave the company and so forth.

One File, Sync and Share platform that targets the Enterprise market and who I've personally worked with, is a company and product called: Syncplicity.

As an example, this is one of their touted features: https://www.syncplicity.com/features/

They have two categories: Users and For IT.

Under For IT, you'll find a whole host of Enterprise features, as an example.

However 'MDM' integration is by far one of the more popular and most important to the Enterprise landscape.

Just my thoughts.

BJ.

Spacefish commented 8 years ago

Guess the main feature would be provisioning of the app, so the user does not have to login / know the URL of the Nextcloud installation. Maybe this is easily possible, with existing MDM systems, by just reading a file in the app if no configuration is present and thereby provisioning the app. The MDM system just has to push the .apk package and write a file with the url and credentials to the /sdcard ?!

jasonbayton commented 8 years ago

It would be good to know what "Mobile device management integration with AirWatch, MobileIron, and Good Dynamics" means in practice. SSO? invidiual app policy via an SDK?

Agree with @Spacefish though, ability to prepopulate the NC server address and user credentials via LDAP shortcodes ($userid$, $emailaddress$, etc) would be super nifty; as too would sharing controls. MobileIron for example allows for the restriction of open-in or copy-to via app-connect policies the app would have to be compatible with:

regio55n

Good on the other hand being a container solution can control this without app modification to only allow sharing and opening with other apps in the container.

oparoz commented 8 years ago

I think this topic is still too broad. It's not too complicated to deploy a NC client to a container and apply some restrictions on sharing outside of it, etc., that's something that any company could do using the most popular platforms. The NC client is just another app on the work side. Also, the best EMM suites comes with EFSS, so is there really a need to replace that instead of making sure both systems can communicate?

For businesses using a pure MDM solution, it seems that most of the interesting features of Syncplicity, will be available in the web GUI at some point, so once the logic is in place, it shouldn't be too difficult to implement the client side in the mobile apps. I would open separate feature requests in those repositories with links to the same requests opened in the server repo.

szaimen commented 3 years ago

I am going to close this since there doesn't seem to be a lot of interest and no respond since around 2 years. Please reopen if you still want to implement this.

CarlSchwan commented 2 years ago

I will close this since there doesn't seem to be a lot of interest and no response for around 2 years. Please reopen if you still want to implement this. PR are still welcome :)