Mobile Device Manager Cloud

ManageEngine Security Practices, Policies & Infrastructure for MDM Cloud

Security and data protection are paramount for us. We take security very seriously and have developed a comprehensive set of practices, technologies and policies to help ensure your data is secure.
If you are currently maintaining your data on personal computers or your own servers, the odds are that we offer a better level of security than what you currently have in place.
This document outlines some of the mechanisms and processes we have implemented to help ensure that your data is protected. Our security practices are grouped in four different areas: Physical Security; Network Security; People Processes and Redundancy and Business Continuity.

Features

Physical Security
Our data centers are hosted in some of the most secure facilities available today in locations that are protected from physical and logical attacks as well as from natural disasters such as earthquakes, fires, floods, etc.
  • 7x24x365 Security.
    The data centers that host your data are guarded seven days a week, 24 hours a day, each and every day of the year by private security guards.
  • Video Monitoring.
    Each data center is monitored 7x24x365 with night vision cameras.
  • Controlled Entrance.
    Access to the ManageEngine MDM Cloud data centers is tightly restricted to a small group of pre-authorized personnel.
  • Biometric, two-Factor Authentication.
    Two forms of authentication, including a biometric one, must be used together at the same time to enter a ManageEngine MDM Cloud data center.
  • Undisclosed locations.
    ManageEngine MDM Cloud servers are located inside generic-looking, undisclosed locations that make them less likely to be a target of an attack.
  • Bullet-resistant walls.
    ManageEngine MDM Cloud servers are guarded safely inside bullet-resistant walls.
Network Security
Our network security team and infrastructure helps protect your data against the most sophisticated electronic attacks. The following is a subset of our network security practices. These are intentionally stated in a very general way, since even knowing what tactics we use is something hackers crave. If your organization requires further detail on our network security, please contact us.
  • Secure Communication.
    All data transmission to ManageEngine Cloud services are encrypted using TLS 1.2 protocols, and we use certificates issued by SHA 256 based CA ensuring that our users have a secure connection from their browsers to our service. We use the latest and strong ciphers like AES_CBC/AES_GCM 256 bit/128 bit keys for encryption, SHA2 for message authentication and ECDHE_RSA as the key exchange mechanism
  • IDS/IPS.
    Our network is gated and screened by highly powerful and certified Intrusion Detection / Intrusion Prevention Systems.
  • Control and Audit.
    All accesses are controlled and also audited.
  • Secured / Sliced Down OS.
    ManageEngine MDM Cloud applications run inside a secured, sliced-down operating system engineered for security that minimizes vulnerabilities.
  • Virus Scanning.
    Traffic coming into ManageEngine MDM Cloud Servers is automatically scanned for harmful viruses using state of the art virus scanning protocols which are updated regularly.
People Processes
Designing and running data center infrastructure requires not just technology, but a disciplined approach to processes. This includes policies about escalation, management, knowledge sharing, risk, as well as the day to day operations. ManageEngine MDM Cloud's security team has years of experience in designing and operating data centers and continually improves our processes over time. ManageEngine MDM Cloud has developed world class practices for managing security and data protection risk.
  • Select Employees.
    Only employees with the highest clearance have access to our data center data. Employee access is logged and passwords are strictly regulated. We limit access to customer data to only a select few of these employees who need such access to provide support and troubleshooting on our customers' behalf.
  • Audits.
    Audits are regularly performed and the whole process is reviewed by management
  • As-Needed Basis.
    Accessing data center information as well as customer data is done on an as-needed only basis, and only when approved by the customer (i.e. as part of a support incident), or by senior security management to provide support and maintenance.
Redundancy and Business Continuity
One of the fundamental philosophies of cloud computing is the acknowledgment and assumption that computer resources will at some point fail. We have designed our systems and infrastructure with that in mind.
  • Distributed Grid Architecture.
    ManageEngine MDM Cloud services run on a distributed grid architecture. That means a server can fail without a noticeable impact on the system or our services. In fact, on any given week, multiple servers fail without our customers ever noticing it. The system has been designed knowing that server will eventually fail - we have implemented our infrastructure to account for that.
  • Power Redundancy.
    ManageEngine MDM Cloud configures its servers for power redundancy – from power supply to power delivery.
  • Internet Redundancy.
    ManageEngine MDM Cloud is connected to the world –and you- through multiple Tier-1 ISPs. So if any one fails or experiences a delay, you can still reliably get to your applications and information.
  • Redundant Network Devices.
    ManageEngine MDM Cloud runs on redundant network devices (switches, routers, security gateways) to avoid any single point of failure at any level on the internal network.
  • Redundant Cooling and Temperature.
    Intense computing resources generate a lot of heat, and thus need to be cooled to guarantee a smooth operation. ManageEngine MDM Cloud servers are backed by N+2 redundant HVAC systems and temperature control systems.
  • Geo Mirroring.
    Customer data is mirrored in a separate geographic location for Disaster Recovery and Business Continuity purposes. Please note geo mirroring is available on select products and plans.
  • Fire Prevention.
    The ManageEngine MDM Cloud data centers are guarded by industry-standard fire prevention and control systems.
  • Data Protection & Back-up.
    User data is backed-up periodically across multiple servers, helping protect the data in the event of hardware failure of disaster.
Security Certifications
  • ISO/IEC 27001
    is one of the most widely recognized independent international security standards. This certificate is awarded to organizations that comply with ISO's high global standards. ManageEngine has earned ISO/IEC 27001:2013 certification for Applications, Systems, People, Technology, and Processes.
  • SOC 2
    ManageEngine is SOC 2 Type II compliant. SOC 2 is an evaluation of the design and operating effectiveness of controls that meet the AICPA's Trust Services Principles criteria.

Edition Comparison Matrix

Standard, Professional and Free edition Cloud
Feature Standard Professional Free
Suitable for Suitable for All Round Mobile Device Management Managing upto 25 mobile devices
Device Enrollment
Apple Business Manager
Apple Configurator
Samsung KNOX Enrollment
EMM Token Enrollment
Zero Touch Enrollment
NFC Enrollment
Chromebook Enrollment
Windows 10 Enrollment
Azure Enrollment (AutoPilot)
Profile Management
Wi-fi
VPN
Per-App VPN
Kiosk Mode
Restrictions
Web Content Filtering
E-mail
Exchange ActiveSync
Enterprise SSO
Certificates
Device Functionality Restrictions
Content Distribution
FileVault Encryption
App Management
Apple Business Manager
Android for Work
Windows Store for Business
Chrome Web Store
Blacklisting Apps
Security Management
Remote Alarm
Geo-tracking
Remote Lock
Remote Wipe
Find My Phone
Reset Passcode
Remote Control
E-mail Management
Conditional Exchange Access
E-mail Attachment Viewer
Reports and Audit
Pre-defined Reports
Query Reports
Scheduled Reports
Miscellaneous
Active Directory Authentication
Two Factor Authentication
Role based Access Control
OS update management

Customer Success Story

  • Prodata sistem teknologi
    After deploying ADSelfService Plus, the support calls dropped by 30 percent and now our help desk team have time to focus on other important tasks. Our employees are happy because they have a solution to help them deal with password troubles on their own!
  • Prodata sistem teknologi
    ADManager Plus has good reporting features, connects to all parts of AD, and other information systems easily. Its ability to allow the other members of the IT team to perform any AD management or reporting operation, securely and easily, from the console is yet another advantage of the product.
  • ManageEngine Desktop Central is a product that combines many facets of IT management into a single product that unbelievably simple to use.  Desktop Central not only saves time and effort but also lower costs by placing many tools in one place, which results in an easier IT life and automates IT inventory management.
    Andri Lesmana Wanasurya, S.T., M.T. (CIO)
    Atma Jaya Catholic University of Indonesia, Jakarta