Our Mobile Blog

about mobile in business and technology


Work mode: off !

It was all over the press mid June in Flanders, there are just too many people with a burn-out.
We might agree mobile devices are quite addictive and are not helping in the fight against this burden.
For most of us the smartphone is glued to our hand, and the constant news flow in social media, email

and other apps satisfies our curiosity all the time.

Hence the problem, “all the time”.
At mobco we recognise we are partly responsible for creating this problem.
We want to enable flexibility for your employees, so they can read email on the go, access documents etc.
But we need to help out those who feel they’re loosing control and just can’t resist reading business mail during the weekend.
That’s why we have introduced the “Work Switch”.
It’s simple and doesn’t need any training.
When you hit the switch on your smartphone, you will no longer receive business mail and you will not be able to access documents or intranet resources.
Hitting the switch again will enable all connectivity, back to work!
Contact us if you need more information on this feature!



Congratulations, you have made the right choice!

Gartner traditionally publishes its Magic Quadrant report just before summer to name and shame the Enterprise Mobility Management vendors. The ranking indicates their ability to execute, deliver upon promises, and completeness of vision, their portfolio.
The most important inclusion criteria are a broad OS support, MDM, MAM features with at least 8M USD in revenue and 5 production references.
Only 13 vendors have made this year’s MQ, that is half of the number we saw 7 years ago, the first time this report was published!

At mobco we focus on the balance between three “powers” to make a mobile project successful; IT operational efficiency, security and user experience. We are very pleased to see these “powers” are also reflected in the Gartner evaluation and we clearly have selected the right partners to enable mobile IT.

Two companies with a remarkable stamina in the leaders quadrant are Airwatch, now VMware, and Mobileiron, the only standalone vendor in this part of the quadrant.

In our business, focussing on the enterprise and large organizations where security is top of mind, we are very pleased to see our partners on top of the stack!
Aside VMware and Mobileiron, the obvious leaders and forerunners in this market, we also see IBM and Blackberry.
Blackberry, still present thanks to the successful integration of Good Technologies, means business for managing mobile apps and IOT.
The big surprise is IBM with MaaS360, offering only a SaaS solution with an older feature set and lack of support for the latest iOS and Android version.

Companies in the “visionaries” quadrant include Microsoft and Citrix.
Incomparable offerings, but still closely positioned to one another, where the vision of Microsoft is clearly Office 365 oriented.
Citrix is for the first time in 5 years no longer present in the leaders quadrant.

In conclusion:
– the number of participants in the MQ is decreasing each year, illustrating this market is maturing
– focussed companies provide better and faster product support
– service quality in EU is offered through specialist partners, enabling more than the regular single vendor product stack

This last item is not reflected in the MQ of Gartner, but does represent a clear value for you, our customer. We bring you the best of breed EMM technology and we complete that with specific solution tailored to your needs!

This report is available for download on several vendor websites, this is the link to Mobileiron.
Apologies for not being able to provide a direct download.



Take control over your mobile devices before ‘they’ do!


Mobile devices are potentially next on the hacker’s list – it’s time to act and secure the mobile devices!
Join us on June 6th to get back in control.

In too many cases IT is seen as the ‘guys who restrict everything’, and in a lot of those cases that’s true – for a reason.

If IT wants to avoid bad things from happening, such as the ones we’re experiencing with the global ransomware attack, they need to close as much doors as possible. But how many ‘doors’ are that and how can we continue to ‘work’ while all ‘doors’ are closed?

An interesting comparison everyone can make in its company is between the security rules and measures on mobile and on PC. Knowing that only a fraction of the mobile devices being used for work are actually managed in some form, the results should be staggering… Where most PC’s are managed in a company, the mobile devices are ‘less’.
At the same time we see global hacking campaigns targeting PC’s (including business PC’s) with ransomware.

The success on PC’s is due to two facts:
– it’s easy due to the architecture of the platform
– there are a lot of those around

We could say the same thing for mobile devices, but the first one is certainly NOT true.

On PC’s the restrictions imposed by IT are also experienced as very restrictive (a typical employee can not install a private application) but is not very secure. Content from ‘outside’ can still be downloaded and infect the entire system, because the platform is designed that way.

On mobile devices the restrictions imposed by IT only affect corporate apps and data, the employee is in full control over his device and can install any app he or she likes – without any impact on the security of the device or corporate information.

On June 6th we are organizing an event with subject matter experts to dive into security, the GDPR link with mobile, because it’s important, but also to illustrate it should not be the final goal – it’s only the beginning of a business transformation where the employee experience plays a central role.





When a company is obliged by the EU General Data Protection Regulation to take all required measures to protect sensitive data, the mobile component can not be neglected.

Following recent studies only 9% of the companies deploy an Enterprise Mobility Management platform (EMM) to manage and control their mobile devices, which means over 90% of the companies out there are currently not taking any measures to secure data on mobile devices.

However, deploying EMM just to secure data is fine, but it’s only a small part of its full potential – even stronger – when deploying it only for security reasons it is perceived very quickly as being expensive, unnecessary and counter-productive… just the opposite of the technology is trying to achieve.
Security is actually just a nice “extra” you get as a user AND as a company.

EMM plays in three domains:
– it makes life more easy for IT because it is a tool to manage hundreds and thousands of devices without touching the hardware
– it secures data and shields the private data from the device for the company, what is corporate remains corporate, private remains private
– it provides the employee a brilliant user experience by automating difficult tasks, provides mobile access to internal resources, specific business apps, …

To make a long story short, EMM is the tool every company should deploy to meet the regulatory requirements for data protection, but the whole point of EMM is to enable your employees with better and more efficient tools, not to limit their experience.
EMM should enrich the employee experience, it should make their professional life better, more efficient.

EMM is about business transformation, an enabling platform to deploy mobile apps, provide access to internal content, … and also to meet todays security requirements!

On June 6th we are organizing an event with subject matter experts to dive into the GDPR link with mobile, because it’s important, but also to illustrate it should not be the final goal – it’s only the beginning of a business transformation where the employee experience plays a central role.




Berlin 31st of May

Join us on May 31st in Berlin for a deep dive into mobile technology.

Not often we have the chance to bring Mobileiron engineers and the IT staff of our customers together, this is it!

After several years, the US only event comes to Europe and lands in Berlin on June 1st and 2nd.
But since we want to promote the local networking and as a little thank you, we’re organising a traditional German dinner on May 31st.

Check the registration page for practicalities and don’t hesitate to register asap so you can benefit from the discounted rate.



Enrolling devices should take 0-effort

2017, a new year and new mobile aspirations!

In this first post of the year I would like to share some thoughts on the enrollment of devices.
This is the first action your employees take when they sign up for the mobile IT program to get mail, intranet, apps … and most of the time it’s not the best experience – time to change that.

Our objective for 2017 is to make the enrollment or activation of the mobile devices a 0-effort, easy and fail-safe!

How are we going to do that? By taking a very close look how consumer smartphones are sold today…
Think about how you installed a new PC a few years ago, after plugging in the hardware and figuring out what connector goes where, you booted the system and it asked for OS installation disks… It was a nightmare for most consumers and only the IT savvy few got their system to work – others called in help.
Imagine if Apple or Samsung shipped their smartphones and tablets with the message “please assemble, boot, insert an OS and good luck!”. The user experience but fail all the way and the volumes these companies have set in their targets would never be met.
So how do they achieve a better user experience ?
The way they approach the device activation is to minimise the user intervention – what can be preloaded on the device will be preloaded and settings we already know (or can derive from others) will be set.
It sounds all very simple, and the result is, the preparation is however a complex and labor intensive job.

When we take the next step and use these very same devices for our business, most of us aren’t performing all that well.
We ask our users to enter URL’s, download apps, set their username/password in multiple fields, … and every action we ask from them opens a new opportunity for a failed registration.
The further our users move in the registration process the more complex issues occur and the more expensive support becomes.


In the above schematic I have visualised 3 important phases in the device lifecycle, you would only expect the middle ‘run’ phase and final End-of-Life, but I have added a first one that comes BEFORE the unboxing of the device.
That’s right, before the employee removes the thin foil and switches on the device for the first time.

The green line indicates the effort device manufacturers are putting in when delivering new devices, that’s a lot before they actually ship the devices – and reduces over time to 0. They don’t care too much about the EOL of your consumer device.

Typically in business, the trend is reverse, we don’t think about the device until the moment it contains our information, and we see support increasing over time – we do worry about the EOL and full wipe of all enterprise data before the device is traded on a second hand market.
That’s the red line on the graph.

Our mission for 2017 is to put more effort in the configuration of the devices BEFORE these are unboxed.
The reason is simple: efforts BEFORE the activation are valid for all, efforts AFTER the activation are device-per-device support – we need this economy of scale to win.

With the Apple and Samsung Device Enrollment Program we have now the tools to do just that!
We can take control over the device during the activation and steer it towards our management server to ensure correct, easy and direct registration.
Yes, it takes more brain power to define the activation process, to technically describe every step of the registration process, configuration, apps, … but it does put the user experience on the next level.

Interested to learn how we can guarantee 100% success in device registration with 0-support efforts?
Curious how even the most non-tech people will be able to activate their smartphone for business without any assistance?

Contact us on info@mobco.be or join us on February 1st at Apple Belgium for a Master Class on their Enterprise Programs!



Warm Mobco Greetings!

Our Indian Summer running team at the Ekiden marathon.

Our Indian Summer running team at the Ekiden marathon.

This time of the year is a good moment to look back at all the initiatives we took in 2016 that go beyond IT and mobile business!

We decided in 2016 to focus on the Kom Op Tegen Kanker event. We sponsored Callebaut’s team and participated ourselves to the 1000 km bike event to raise money for the research against cancer and the aid to the patients.

Aside this major budget share, we also supported smaller local initiatives.
– To Walk Again foundation
– Ekiden marathon
… other smaller local initiatives

We believe in a quality and sustainable business, we focus on mobile technology and believe in organic growth, the better business we do, the harder we grow. But every year, we spend part of that budget to help others grow as well!

Season’s greetings,
The mobco team




EnterpriseFiles syncs content offline

0x0ss-85With the new release of EnterpriseFiles a new feature is available that was in high demand: offline documents!

Using standard configuration profiles pushed by the EMM server, the EnterpriseFiles app receives the instructions to download specific content locally.
This new feature allows your employee to access that content at all times, even when there is no data connectivity or access to the file server.

“Customers ask us to distribute emergency plans, but also how to ensure their sales people have the latest powerpoint presentations with them, with this new feature we have a simple tool to do just that!” says Ulrik Van Schepdael.
A simple yet powerful tool that allows the administrator to define what folders or files get synchronised to each device, the configuration can vary per user (using AD group membership or any other variable known by the EMM system).

Hint! Did you know you can create a webclip that links to a file or folder inside the EnterpriseFiles app?
Create a small icon for “Sales Presentations”, upload the icon to the user’s device and link it to the sales presentation folder in EnterpriseFiles. The user can now access the folder by simply tapping the homescreen icon, just as any other app!
You just created your own “Sales Presentations” app!

Let us know if you want to test-drive the app in combination with your per-app-VPN set-up!



Why the new Mobileiron release is big news !

With the latest 9.2 release of the Mobileiron CORE platform Windows 10 PC management, more iOS features and new Android for Work support bridge has been added!

Starting with the Windows 10 development: it means the Enterprise Mobility Platform is now upgraded with features that allow you to change Windows registry settings, deploy legacy W32 applications, GPO’s etc. It brings the same simplicity Mobileiron has developed for the mobile world to the PC world, one single dashboard and management for all
your end-user devices.
The way it works is simple and genius; a Mobileiron application called “Bridge” is being deployed to the Windows 10 computer, from that moment, it is that application that locally translates and executes the Enterprise Management specific tasks typically unavailable to traditional EMM systems.

New iOS features now available in the latest iOS releases are now included in the management capabilities, for enterprises the Cisco Fast Lane technology and the fact you can pre-define the default voice client are the most important ones.

Looking at Android for Work, this does represent a big step forward by making it possible to use Android for Work without a Gmail or joining  to a Google domain.
Combine this new feature with the fact that AfW comes by default on all new (current) Android versions, supports just any app and get updates straight from the Google source,… this means serious business for Android!

We believe that’s big news!

Details on the new Core v9.2. Release
OS Platform Enhancements
Android and Android for Work
  • Support for Android for Work Accounts
  • Display custom Terms of Service for Mobile@Work for Android registration
  • Support for Zebra silent install of apps
Samsung KNOX
  • Support KNOX Workspace as “Container-Only Mode”
  • Support for moving system apps into KNOX Workspace
  • Support custom APNs for Samsung devices
  • iOS 10 – Restriction for bluetooth
  • iOS 10 – WiFi – Cisco Fast Lane QoS marking
  • iOS 10 – WiFi – Captive bypass
  • iOS 10 – Set communication service rules audio for CardDAV, Exchange and LDAP
  • iOS 9.3 – Support for whitelist/blacklisting of apps
  • iOS 9.3 – Support for customizing Home screen Layout
  • iOS 9.3 – Support for Notifications customization for apps
  • iOS 9.3 – Support for sending customize message on Lock Screen
  • iOS – Option to auto update market/public Apps
  • iOS – Set wallpaper on lock screen and home screen
Windows 10
MobileIron Bridge
  • A brand new solution being introduced in Q416, MobileIron Bridge allows organizations to use the EMM-centric approach across all Windows 10 devices, including mobile devices and PCs/Desktops.  With Bridge, the IT organization now has the ability to secure and manage PCs in the same manner than they do mobile devices using EMM, and experience greater speed and efficiency and significant operational cost reduction when compared to using traditional PC management tools.
  • In short, for any organization that previously had any objections to using EMM to secure and manage PCs due to missing functionality, MobileIron Bridge effectively closes any pending gaps and addresses those objections.
Silent Installation of Windows Store Applications
  • Admins can now silently install Windows Store applications to AAD enrolled devices
Health Attestation for On-premises and Server 2016
  • Adding the ability to use either Cloud or On-premises DHA
Remote Reboot of Devices
  • Adding ability for admins to remotely reboot a device from the Core interface
Enhanced Device Details
  • Also admins can view if Windows defender is up and running and if the Virus definitions are up to date
Greater Usability:  Enhance the IT
  • A newly redesigned Apps@Work user experience that provides a more modern design and easier discovery of apps.
  • Enhanced delegated administration capabilities that provide better user segmentation when creating spaces using LDAP groups as the key space criteria.
Enhanced Scalability and Extensibility
  • Support for new certificate authority GlobalSign that gives our customers more options in securing and managing mobile devices.
  • Support for Blue Coat’s MDS service for iOS devices to provide network-based application controls, real-time threat analytics and encrypted communication.
  • Custom device attributes and variable substitution capabilities now offers tremendous flexibility in terms of how partners and customers can create custom attributes and substitute in those attributes as part of new configurations.  This enhances both efficiency and security.
  • Support for enforcing more secure AppConnect passcode for users
  • Support for biometric authentication for AppConnect passcodes on Android
  • Support for encryption of sensitive information contained in Policies and Configurations exported from Core and imported into Core.
Cisco ISE (Identity Service Engine)
  • Support for API structure that corresponds to Cisco ISE v2 specifications
MobileIron Standalone Sentry v8.5.0

Audit log to Syslog — Standalone Sentry access log information
(device, user ID, resource, response) can now be sent to a syslog server.

DFS document updates — Docs@Work users can now upload and create documents on Distributed File System (DFS) servers.
This is enabled by default on Sentry.

Outbound Proxy support (MI Cloud & Access) — Administrators
can now enable an outbound proxy where a proxy exists between Sentry when registering to MobileIron Cloud or Access.

Support for iOS Tunnel split-tunneling — Administrators can enable split-tunneling for iOS Tunnel using MobileIron Access and Sentry.

UI for Ciphers/Protocols for EMM and Access  — Ability to
configure the ciphers and protocols needed for Sentry communication with MobileIron Core, MobileIron Cloud, or MobileIron Access admin portal.

Configurable password failed attempts — Administrators can configure the maximum number of failed password attempts and the time delay for retry.

Configurable password complexity requirements — Administrators can configure more complex password requirements,such as one or more special characters, one or more upper case letters, minimum password length, saving password history.




There is no flight mode for work!

We don’t think you should work all the time, but we do believe you should have the freedom to choose when and where you work. That’s also in flight, above the clouds…

In an article in the in-flight magazine of Brussels Airlines we describe the mobile journey of a typical enterprise, starting with the simple management of devices up to mobilization of all corporate information through apps.

The bottom line: even when there is no connectivity, the device should be smart enough to offer you the possibility to continue working, not only catching up on email, but also on documents you started editing on your computer just before you left for the airport.

When the ‘seatbelt’ sign lights up and your mobile device needs to be put in flight mode, the work can start!
You can read the article here.