Simply follow the steps or watch the video tutorial to get started
1) REGISTER YOUR BUSINESS
30 seconds
Prerequisites to start using TinyMDM:
- You need to have a TinyMDM account. If you didn’t sign up to TinyMDM free trial yet, do it now here.
First of all, you need to register your company. From your TinyMDM dashboard, go to the Enterprise Approved Apps tab and click Register your company. Depending on the registration method you use (professional email address, Google Workspace administrator account or Google account), follow the steps of the tutorial below.
Help resource: How to register your business
2 ) SELECT YOUR BUSINESS-WIDE APPROVED APPS
Prerequisite to start using TinyMDM:
- Having registered your company
5 minutes
From the Enterprise approved app tab, select the apps that are going to be approved company-wide: public, private, manufacturer or web ones.
Note: all the selected apps are going to be pre-approved company-wide, but you’ll be able to adapt the list depending on the policies you’re setting up.
a. Managed Play Store
- Public apps: click on the Browse apps button and authorize as many apps as you want in a few clicks
- Private apps: click on the Private apps button and upload private apps if needed (APK format). If you don’t want to publish your APK through the Play Store, follow the step b. TinyMDM Store
- Web apps: click on the Web apps button and create your own web application by indicating a name for your web app and the URL
Help resources: How to approve public apps / Private apps (Managed Play Store) / Web apps
b. TinyMDM Store
TinyMDM Store enables you to approve private applications bypassing the Google Play Store restrictions: package name already used, apk over 50MO, bad signature, etc.
1. Click on Private apps in the relevant box
2. Press the Upload new private app button and download your apk
3. Once the apk is downloaded, check the file informations and click on Publish.
Help resource: Private apps
c. Manufacturer applications
The Manufacturer Applications box includes all the system applications available for the different manufacturers of your devices.
To approve system applications, you need to click on Manufacturer applications and tick the applications of your choice. Then, they will appear in the list of approved applications and can be installed on the appropriate policies.
3) CREATE OR IMPORT USERS
60 seconds
Before giving a device to one of your collaborators, you need to create a User card for them from the Users and Groups tab.
Tip: If you don’t need to have specific users (if the devices don’t belong to anyone in particular, or if you don’t need to push configurations linked to an e-mail address, or if the devices are shared…), you can skip this step and use our multiple enrollment feature. This way, users will be created automatically each time a device is enrolled.
To create users, many options exist: you can do so one by one by clicking on Add a user, import a csv list of users by clicking on Import users or use our Microsoft Entra ID (formerly Microsoft Azure) sync feature.
- If, when you click on Add user, you don’t want the user to be linked to an e-mail address, you can check the Anonymous user box. In this case, only a name will be required to create the user (see tutorial Adding anonymous users with TinyMDM).
- If you want users to receive an email with the QR code needed to enroll their device, you can tick Send an email to the user. In any case, the QR code will still be permanently visible on the TinyMDM console.
All the created users appear as cards. If they haven’t already been affected to a policy, the message No policy for the user appears. You will need to create a policy from the Policies tab and affect one or multiple users before being able to enroll the devices linked to them.
If you don’t need to have specific users (if the devices don’t belong to anyone in particular, or if you don’t need to push configurations linked to an email address, or if the devices are shared…), you can skip this step and use our multiple enrollment feature instead. This way, users will be created automatically each time a device is enrolled.
Help resources: create users and groups, import users from a CSV file, multiple enrollment method
4) CREATE A POLICY
5 minutes
The policy represents the security rules that you want to apply to the mobile devices:
- Go to the Policies tab, then click on Create a policy
- Select users (or groups of users) that are going to be assigned to this policy (you can easily modify it whenever needed)
- Setup your tailor-made policy thanks to the different tabs available: passwords management, apps management, internet filtering, Wi-Fi configuration, shared contacts, shared files…
Help resource: how to create a policy
5) ENROLL A DEVICE OR SETUP A WORK PROFILE
5 minutes
BYOD, Fully Managed, WPCO, Kiosk mode… You don’t know which management mode to use on your devices? Discover them here.
a. Enroll a Fully Managed device (COBO)
Prerequisites:
- The device must be new or reset to factory settings.
- This enrollment method is not compatible with Huawei (EMUI 5 or less) and Xiaomi devices. Please refer to the enrollment via afw# code method.
1. On the first screen displayed at startup, tap six times in a row, anywhere on the screen (but six times in one spot), and wait a few seconds.
Note: even if the first screen is often the one where the language selection is made, it may vary according to the manufacturer of the device. Whatever the first screen is, the important thing is to tap six times on the initial screen, whatever it is.
2. The camera of the device opens: the QR code must be scanned (visible in the administration console, or by email if it has been sent to the end user). If the device doesn’t have a camera, you can display an enrollment token instead and type it in. If you preconfigured wifi networks on the administration console, you can select one, by clicking on Add a preconfigured wifi. The device will automatically be connected to the selected network, thanks to the QR code.
The feature “Force mobile data enrollment in QR code” is not compatible with Android 10 devices.
3. If you didn’t preconfigure a wifi network, you can select one, enter it’s password and follow the steps of the configuration wizard.
4. The device automatically downloads TinyMDM. Click Begin and accept the Terms of Use.
5. The configuration defined in the policy applies directly!
b. Enroll a business device that may be used for personal purposes (WPCO)
Even if it’s personally enabled, the device belongs to the organization, hence you must follow the same steps as to enroll a fully managed device (see above). The only difference here is that you must check the box “WPCO enrollment” below the QR code in TinyMDM. More information.
c. Setup a work profile on a device (BYOD)
Enabling a Work Profile is ideal for managing employee-owned devices (BYOD) or giving more freedom to employees using a company-owed device: it allows companies to manage the business data and apps, but leave everything else on the device under the user’s control. To setup a work profile on a device already in use:
1. Download the application “TinyMDM” on the Play Store
2. Open the application and choose the option “Work Profile”
3. Follow the configuration wizard and accept the Terms of Use
Business-related apps managed by the Work Profile have a particular business icon setting them apart from personal apps. They are held in a secured container and, depending on the policy affected to the device, a secure password will be needed to access it.
The Play Store inside the Work Profile will only display the Enterprise approved apps, but users can access the Play Store as usual once outside the Work Profile.