Managing secure locations for a device
The Locations feature allows an administrator to determine whether a device is at a designated secure location and receiving the necessary policies while onsite.
About this task
The geo-fencing rule, included with the compliance rule set, places a device out of compliance if a device is removed from a designated secure location. The administrator can send actions against the device and also apply policies to the device when the device checks back in a designated secure location.
If a device is removed from a designated secure location, the device can receive a policy in other ways based on the following sequence: rules, groups, devices, users, or default. A location-based policy receives the highest preference.
A location is either a physical location such as a physical address, or a network connection such as a wifi SSID. MaaS360® can detect a geographically-based or wifi-based location and apply a policy to a device within 30 minutes depending on the network connection and the status of the MaaS360 app on the device.
For Android devices, MaaS360 immediately detects a wifi-based location for a device. For an address-based location, MaaS360 uses a policy to detect a device, which might take up to 5 minutes (the default setting is 15 minutes) depending on the network connection and the status of the MaaS360 app on the device. MaaS360 detects the location of a device based on the frequency setting configured in the Android MDM policy. If this setting is configured to check the device often, you might drain the battery on the device. The MaaS360 agent can only notify the IBM® MaaS360 Portal up to 100 times a day for any changes to a device's location. When that limit is reached, the agent cannot communicate changes to the IBM MaaS360 Portal or change a policy until the next day. MaaS360 provides offline geo-fencing functions for Android MDM policies. Offline policy features require applicable Android devices to come online to receive policy and map data. Once this information is gathered, the device updates policies by using geo-fencing guidelines while the device is offline. To enable offline geo-fencing, contact your IBM MaaS360 Account Manager or Partner.
- To use location-based functions, the administrator must enroll devices and install the MaaS360 app on the device.
- Location tracking is not supported on Android devices that are enrolled in Profile Owner (PO) and Work Profile on Corporate Owned (WPCO) modes.
Follow these steps to set up the location of devices based on a geographical area or a wifi network: