Android zero-touch enrollment provides an easy, quick and secure way to set up and deploy Android-based enterprise devices. In this article we explain what the advantages and requirements are and how it works.
What Is Android Zero-Touch Enrollment?
Android zero-touch enrollment is a Google-optimized process for easy, fast and secure deployment of corporately-owned Android devices. With Android zero-touch enrollment, IT can configure smartphones and tablets online and add management settings without having to touch devices. Employees can receive their new, fully configured equipment in its original packaging and can put it into operation straight away.
Here are the advantages of zero-touch enrollment at a glance:
- Mass deployment of Android devices
Android zero-touch enrollment eliminates the need for manual configuration of individual devices. This enables the IT department to roll out large numbers of devices in no time at all. - Use of new devices out of the box
Employees can simply unpack their new equipment and get started immediately. After starting and logging on to the device, all pre-assigned apps and configurations, such as for e-mail, WLAN and VPN use, are immediately available to the user. - Direct control and management by the IT department
Automatic device registration with the enterprise mobility management system ensures that IT maintains control over installed apps, profiles, policies, and data right from the start.
Requirements for Android Zero-Touch Enrollment
To use Android zero-touch enrollment, companies must meet the following requirements.
- Zero-touch enrollment compatible devices
Android zero-touch enrollment requires compatible devices with Android Oreo (8.0 or higher) or Pixel devices with Android Nougat (7.0 or higher). You can find a current list of devices in the Android Enterprise Solutions Directory. - Purchase of the devices via an authorized reseller partner
The devices must be purchased through a Google-authorized mobile operator or reseller. A list can also be found in the Enterprise Solutions Directory here: Zero-touch resellers
- An EMM/MDM solution that supports Android zero-touch registration
The Android zero-touch enrollment only works in combination with an enterprise mobility or mobile device management solution. This must support the Android zero-touch enrollment.
Cortado is official zero-touch EMM partner
Cortado MDM meets all “advanced zero-touch enrollment” requirements and is listed by Google as an official zero-touch EMM partner solution.
Cortado MDM – Free Trial »
Android Zero-Touch Enrollment – First Steps
Thanks to contactless deployment, it only takes a few steps for new, corporately-owned devices running Android to be fully configured and ready to use in their owners’ hands. This is how it works:
- Buy through a Google Authorized Reseller Partner
If you are purchasing equipment from a reseller partner for the first time, they will first set up an account in the zero-touch portal for your organization. Here, they store the IMEI or serial numbers of all purchased devices.
- Perform EMM configuration and user assignment in the zero-touch portal
Now log in to your organization account in the zero-touch portal. Create your EMM configuration and then assign the configuration and the respective user to the devices. - Get the devices ready and give the start signal
When employees turn on their new device for the first time, the device checks to see if it has been assigned an enterprise configuration. The deployment method for fully-managed devices is started and the associated Device Policy Controller app is installed. The device is then automatically registered in the EMM system and – after the user has logged in – all assigned apps, profiles and policies are imported.
Android zero-touch enrollment with Cortado MDM
How to set up and configure the zero-touch configuration code
when using Cortado MDM,
this step-by-step guide shows you how to do this in detail:
Setup Guide »
Conclusion
Android zero-touch enrollment is a significant relief for IT administrators when it comes to large-scale deployments of corporately owned Android devices. Compared to manual methods, such as setup via NFC, EMM tokens or QR code, contactless provisioning is a significant improvement in terms of speed, simplicity and security. And employees will also be delighted when they receive their new smartphone in its original packaging and no longer need help-desk calls to put their new device into operation.
An overview of Android device management, including all the most important features can be found on our blog.