IBM Support

Improved action execution times in Direct Boot Mode for Android devices managed by IBM MaaS360

News


Abstract

In 2016, with Android N (Nougat/7.0), a specialized environment called Direct Boot Mode was introduced by Google for the Android OS.
When an Android-powered device is switched on, it boots in the Direct Boot Mode before the user unlocks it with their screen lock authentication mechanisms during the very first instance. In this specialized mode, while the OS is fully functional, the access to any app’s private data is completely restricted and only apps that are updated to be Direct Boot Mode are allowed to run.

Content

Subsequently, for effective device management, IBM MaaS360 had supported the Android Enterprise solution sets for the following actions to be executed in Direct Boot Mode.

  • Reset Password: This action helps in quickly recovering a device and preventing loss of productivity when the user has forgotten the password or has been locked out because of multiple incorrect attempts.
  • Wipe: In scenarios where the device is deemed to be lost or misplaced or stolen, a remote wipe can be triggered to help reduce the risk of corporate data leakage.
Both the Reset Password and Wipe device actions would get executed in a time window of 0 - 4 hours depending on when the action was initiated as well as when the device booted in the Direct Boot mode. This relatively high execution window was due to a lack of support for FCM (Firebase Cloud Messaging) although Google had introduced the Direct Boot Mode earlier.
FCM is the default messaging channel used for server-to-device communications on the Android devices. Because of this constraint, the IBM MaaS360 agent on the device could only execute any queued actions on the device after a successful periodic sync with the IBM MaaS360 portal.
Google has finally added support for FCM in the Direct Boot Mode. IBM MaaS360 now leverages this enhanced functionality to deliver both Reset Password and Wipe actions in near real-time on the target devices. Once an action is queued and the device is online with good network coverage, the actions are executed within a few minutes.

Prerequisites

  • MaaS360 Android Agent 8.65 or higher.
  • Target devices must be compatible with Direct Boot mode.
  • Target devices must be online with adequate network coverage.

[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSYSXX","label":"IBM MaaS360"},"ARM Category":[{"code":"a8m3p000000hCHXAA2","label":"DEVICES"},{"code":"a8m3p000000hCH8AAM","label":"ENROLLMENT-\u003EANDROID"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
23 September 2024

UID

ibm17169561

Page Feedback