Elements Mobile Protection iOS app with Microsoft Intune MDM
A collection of short easy steps to get started in taking the product into use
Follow the steps below to deploy the WithSecure Elements Mobile Protection app with Microsoft Intune MDM to iOS devices.
Step 1 - Adding the iOS app to Microsoft Intune MDM
Before you integrate WithSecure Elements Mobile Protection with your MDM, make sure that the following prerequisites are met:
- You have enrolled your end device
- You have set the profile with policy restrictions
Note: WithSecure does not provide support for or instructions related to profiles and policies, unless specifically mentioned.
- An internet connection for setting up the VPN and permissions for the files
- A valid WithSecure Elements Mobile Protection subscription
To add the app to Intune MDM:
- Log in to your Microsoft Intune portal.
- Select Apps > iOS/iPadOS > Add.
The Select app type pane opens.
- From the App type drop-down menu, select iOS store app, and then choose Select.
- In the Add App view, select Search the App store.
The Search the App Store pane opens.
- In the Search field, enter WithSecure Mobile Protection.
- Select WithSecure Elements Mobile Protection > Select.
The Add App view opens.
- In the App Information tab, select Yes to show WithSecure Mobile Protection as a featured app in the Company Portal, and select Next.
- In the Assignments tab, under Required, select Add all users, and select Next.
- In the Review + create tab, select Create.
- When you are done, on the Add App view, select OK.
The WithSecure Elements Mobile Protection app has been added to Microsoft Intune MDM.
Next, add the app configuration policies.
Step 2 - Adding the iOS app configuration policies
Instructions on how to add the WithSecure Elements Mobile Protection configuration policies for managed iOS devices.
To create an app configuration policy:
- Select Apps.
The Apps overview pane opens.
- Under Policy, select App configuration policies.
- Select Add > Managed devices.
The Create app configuration policy pane opens.
- In the Basics tab, do the following:
a. In the Name field, enter WithSecure Mobile Protection.
b. From the Platform drop-down menu, select iOS/iPadOS.?
c. Next to Targeted app, select Select app.
The Associated app pane opens.
d. Select WithSecure Elements Mobile Protection and select OK > Next.
The Settings tab opens.
- Do the following:
a. From the Configuration settings format drop-down menu, select Use configuration designer.
b. For the value types, refer to the “Use the configuration designer” section.
c. Select Next
The Assignments tab opens.
- Under Included groups, select Add all users and select Next.
The Review + create tab opens.
- Select Create.
The app configuration policy was created and assigned.
You need to install the app on an iOS device.
Step 3 – Use the configuration designer
You can use the configuration designer for apps on devices whether they are enrolled in Intune.
The designer lets you configure specific configuration keys and values. You must also specify the data type for each value. For each key and value in the configuration, set:
- Configuration key - The key that uniquely identifies the specific setting configuration.
- Value type - The data type of the configuration value. Types include Integer, Real, String, or Boolean.
- Configuration value - The value for the configuration.
The following key and value are mandatory for WithSecure Elements Mobile Protection license activation. Log in to the Microsoft Endpoint Manager administrator center.
Example. The actual value is provided by the reseller.
End users are not able to switch VPN off from the WithSecure Elements Mobile Protection app nor turn off individual protection features. Read more about the details and limitations with this feature from Keeping VPN switched on automatically.
The following optional keys help to identify devices on WithSecure Elements Endpoint Protection portal. Use Microsoft Intune dynamic variables to get suitable values. We have found the following keys and values working with Microsoft Intune.