How to secure email attachments in iOS devices?

Description

Corporate Emails often contain confidential organization data as attachments, which must be accessible to the users while preventing any type of unauthorized access. It is also expected that these attachments should not be accessible to other apps. In certain third-party document viewers, the documents are automatically synced with different cloud services, which may cause data breach. 

MDM allows organizations to secure email attachements by using the document viewer, built in the ME MDM app. The document viewer is an optimal way for securing documents distributed using MDM and also to secure email attachments. With the document viewer, you can secure email attachments by

  • Viewing the email attachment only through the document viewer.
  • Saving the email attachment only in the ME MDM app.
  • Restricting sharing of email attachment content.
  • Not accessing the email attachment using personal apps
  • Not backing up the email attachment on third-party cloud services.

Thus, MDM app becomes the endpoint for secure document management, ensuring the data is most secure and can be accessed only by the users. Including the above features, it has also the following advantages.

  • The document viewer has all the e-mail attachments saved, ensuring easy viewing of all the organizational documents in one place.
  • Document Viewer is included as a part of the ME MDM app, ensuring no additional app is to be installed for content management.
  • MDM becomes the single point for both device management and content management, ensuring restrictions and profiles can be configured to optimally utilize the document viewer.
  • The document viewer doesn't sync with any Cloud service such as iCloud, ensuring there is no copy of the data except in the document viewer.

This is applicable only for iOS devices running iOS 7.0 or later versions.

NOTE: Know how to secure e-mail attachments using MDM in under 3 minutes, from this video.

Steps

  • Distribute ME MDM app to iOS devices. App distribution can be automated by navigating to Enrollment -> ME MDM App(under Apple) and select the option Automatically distribute ME MDM app to Apple devices. You can also configure MDM app settings to install ME MDM app silently as explained here. This will install the ME MDM app on all managed devices along with the document viewer to secure email attachments.
  • In the MDM console, click on Device Mgmt and select Profiles.
  • Click on Create Profile and select Apple profile.
  • Create the profile with Exchange or E-mail policies to ensure the corporate email account is automatically configured on the devices.
  • To secure email attachments by allowing users to access the email attachments only using the ME MDM app, click on Restrictions and select Security.
  • Restrict the option Share data from Managed Apps to Unmanaged apps.
  • Save and publish the profile.
  • Distribute the profile to either specific devices for testing or the required Groups.

NOTE: Ensure no apps used for viewing documents have been distributed through MDM. If distributed, then the attachments can also be viewed through the distributed app as well as ME MDM app.