Zoho Corporation Limited

ManageEngine Mobile Device Manager Plus: Cloud-based enterprise mobility management tool

A web-based mobile device management tool that enables Android, iOS, iPadOS, macOS, Windows, and ChromeOS devices to be managed. Automate the complete device management life cycle through OOB enrollment, configuration and security management, app and update management, kiosk management, location tracking, remote troubleshooting, and more.

Features

• Mobile device management for enterprises.
• Mobile security baselining through granular configuration profiles.
• Silent app installation and automated app update management.
• Single- and multi-app mode and shared device configurations.
• Mobile asset and inventory management for easier auditing.
• BYOD and COPE device management with containerisation capabilities.
• Secure remote troubleshooting to resolve technical issues.
• Device location tracking and geofencing to secure data.
• Secure access to sensitive data with conditional access.
• Automated OS update and patch management services for improved security.

Benefits

• Remote device management for smartphones, tablets, laptops, desktops, and TVs.
• Onboard devices through zero touch methods to rapidly upscale deployment.
• Preconfigure management policies to make devices ready for work OOB.
• Manage device configurations, apps, and content without user intervention.
• Block malicious apps and web content from being accessed.
• Push app and firmware updates over-the-air.
• Keep devices and device apps patched with tested updates automatically.
• Resolve technical issues through remote troubleshooting.
• Ensure only managed devices access corporate data through conditional access.
• Containerise corporate data and implement DLP policies to secure it.

£516 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at zohouk-gcloud@eu.zohocorp.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

454934883188628

Contact

Sreyas Benjamin
+44 2038072092
zohouk-gcloud@eu.zohocorp.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: As a cloud solution, the service undergoes planned maintenance and enhancements from time to time which are intimated over various communication channels such as forum, email and product banner. Service outages can be viewed at status.manageengine.uk or status.manageengine.com or status.manageengine.eu depending on your hosting location where the user can find the detailed account of any planned/unplanned maintenance.
• System requirements:
  • Supported Apple, Android, Windows, and ChomeOS devices can be managed.
  • Browser applications like Mozilla Firefox, Google Chrome, and Apple Safari.
  • Mobile app to use the service on a mobile device.
  • Internet connectivity.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Severity Levels and Acknowledgement Time :; a) S1 – Major - Within 4 Regional Business Hours; b) S2 – Moderate - Within 12 Regional Business Hours; c) S3 – Low - Within 24 Regional Business Hours; Weekend support is available for customers opting for premium support.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: We have Chat option within the product to interact with a human support representative. Users can also access our web chat support by visiting our webpage and clicking on the support icon. This is to seek technical assistance, pose queries, or request remote assistance.; ; In terms of accessibility, we ensure the following:; ; 1) Mouseless intervention-; The application has been made entirely usable without the need for a mouse device. The product supports mouseless intervention, which allows navigation throughout, by using the following keys:; ●Tab for navigating forward,; ●Shift+Tab for navigating backward,; ●Enter/Return for option selection.; ; 2) Zoom controls and font size-; The application is entirely adaptable with Zoom control support of 80% to 125% irrespective of the device being used, whether a large device or small, enhancing the overall product visibility. ; It also supports maximum readability by allowing adjustments to the font size of the content/text within (small, medium, or large) as the user desires, enhancing clarity and legibility.; ; 3) Screen reader compatibility-; Our application being text-only, allows the usage of the screen reader extensions, which enable the focus area on the screen (either through the Tab key or mouse click) to be read out aloud, making all content accessible.
• Web chat accessibility testing: We have not done any web chat testing with assistive technology.
• Onsite support: Yes, at extra cost
• Support levels: ManageEngine offers two tiers of support: Classic and Premium. Classic support is included with a subscription license, and provides email and chat support, as well as access to online resources. Premium support offers additional benefits, such as a single point of contact, faster turnaround times, and 24/7 phone support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Once a user signs up for ManageEngine Mobile Device Manager Plus, there are a multiple ways to get started and gain product proficiency.; ; 1. In-product onboarding: In-product guidance and instructions to help users familiarise themselves with the platform after signing in for the first time.; ; 2. Paid Product Support: Apart from classic support, our paid programs provide a dedicated team of solution engineers and product experts to help users get started with ManageEngine Mobile Device Manager Plus.; ; 3. Online documentation: ManageEngine Mobile Device Manager Plus provides in-depth help documentation that is hosted online at https://www.manageengine.com/mobile-device-management/help/, which provides step-by-step guidance for administrators, technicians, and end-users. ; ; 4. Training videos: Apart from help documentation, ManageEngine Mobile Device Manager Plus also maintains a repository of video tutorials and conducts live webinars with our product experts throughout the year for every module and function at https://www.manageengine.com/mobile-device-management/training.html; ; 5. Dedicated Technical Account Managers: ManageEngine Mobile Device Manager Plus’ Technical account managers travel around the globe meeting customers in their offices for on-site health checks. ; ; 6. In-person events: We also host in-person workshops and user conferences to help train customers on the product capabilities with an option to avail a product associate certification.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: After the evaluation period, users will be prompted to transition to the free edition of ManageEngine Mobile Device Manager Plus (maximum 25 devices). If the user does not transition within 3 months (after repeated follow-ups), user data will be archived and will be deleted from our internal records after 3 subsequent months. ; A licensed user can terminate a contract by deleting their org within the application console during which the user is given the chance to download a copy of basic inventory data.
• End-of-contract process: Users can purchase the solution on a monthly or yearly basis. At the end of their contract, if they do not renew their subscription, they get downgraded to the free edition.; Upon termination of a user account, user data gets deleted from the active database during the subsequent clean-up that occurs once every 6 months. The data deleted from the active database will be deleted from backups after 3 months. During the offboarding process, we provide the option to export data and ensure that all sensitive information is securely transferred or deleted as per our privacy policy.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
  • Windows Phone
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Mobile Device Manager Plus server is accessible on desktops and laptops, while the agent app on the device functions as a self-service portal for device users by giving them access to the corporate app catalogue, announcements, device management policies and more. Additionally, we also offer an admin app for iOS and Android devices that enables admins to initiate important device management activities like device scans and remote commands right from their mobile device.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: IT admins, technicians, and managers can access the product console (service interface) on browser-only platforms (for desktops) and the iOS/Android app (for mobile devices). Within the service console, the various device management functionalities are presented under different tabs that are easily accessible to the admin. Mobile self service for end users is available through dedicated apps on iOS, iPadOS, and Android platforms.
• Accessibility standards: None or don’t know
• Description of accessibility: Mobile Device Manager Plus offers a user-friendly web interface accessible through major web browsers such as Google Chrome, Mozilla Firefox, Microsoft Edge, Safari, and others. Service interface does not override the user’s individual display attributes (such as contrast and colour). Service interface does not have ; elements that flashes/blinks at high frequency.
• Accessibility testing: The application has been tested using manual testing methods for navigation and readability. Screen reader compatibility has been tested with the Chromevox extension, which reads the focus content on the screen aloud.
• API: Yes
• What users can and can't do using the API: ManageEngine Mobile Device Manager Plus facilitates easy integration with users' existing infrastructure using REST APIs. A valid Zoho username and password is required to use the API. Authorisation and authentication to access the API are done using OAuth 2.0. The steps to generate an OAuth token are as follows:; 1. Generate <Client ID> and <Client Secret>.; 2. Authorisation by generating the <grant token>.; 3. Generating <Access> and <Refresh Token>.; 4. Generate <Access Token> from <Refresh Token>.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Administrators have the flexibility to personalise the look and feel of the console according to their preference. Administrators can configure user accounts, specify roles to different users (RBAC), reorganise menu bar and homepage graphs, rebrand the console and generate customised reports from within the product. Further, service level customisation can be qualified upon request to the Support.

Scaling

• Independence of resources: We have a distributed network of servers across the globe that ensures service uptime and efficient content delivery with minimal latency. Individual Customer data is logically separated within a database to ensure data security and privacy. Failover and load-balancing systems are put in place for overall reliability and seamless resource utilisation.

Analytics

• Service usage metrics: Yes
• Metrics types: Users can view their license information (like device count, expiry, edition etc.) Users are offered Uptime/Downtime metrics ( % service availability over an year). There is a provision of user communication for planned maintenance, downtime and RCA.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Once the contract period ends, in the absence of a renewal contract, the ManageEngine Mobile Device Manager Plus license is deprecated to the standard edition that is free for 25 devices.; Upon termination of user account, user data gets deleted from the active database during the subsequent clean-up that occurs once every 6 months. The data deleted from the active database will be deleted from backups after 3 months. During the offboarding process, we provide the option to export data and ensure that all sensitive information is securely transferred or deleted as per our privacy policy.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PDF
  • HTML
  • XLS
• Data import formats:
  • CSV
  • Other
• Other data import formats: Migration tool

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: Other
• Other protection within supplier network: We encrypt user data within our network using 256-bit Advanced Encryption Standard (AES). We own and maintain the keys using our in-house Key Management Service (KMS). We provide additional layers of security by encrypting the data encryption keys using master keys which are well protected.

Availability and resilience

• Guaranteed availability: Our average monthly service uptime is 99.9%.; Upon user request, ManageEngine will, as per the terms and conditions of its Service level agreement, provide service credits. A copy of ManageEngine SLA can be shared upon request.
• Approach to resilience: Application data is stored on resilient storage that is replicated across data centres. Data in the primary DC is replicated in the secondary in near real-time. In case of failure of the primary DC, secondary DC takes over and the operations are carried on smoothly with minimal or no loss of time. Both the centres are equipped with multiple ISPs. We have power back-up, temperature control systems, and fire-prevention systems as physical measures to ensure business continuity. These measures help us achieve resilience. In addition to the redundancy of data, we have a business continuity plan for our major operations such as support and infrastructure management.
• Outage reporting: We have a dedicated incident management team. We notify you of the incidents in our environment that apply to you, along with suitable actions that you may need to take. We track and close the incidents with appropriate corrective actions. Whenever applicable, we will identify, collect, acquire and provide you with necessary evidence the form of application and audit logs regarding incidents that apply to you. Furthermore, we implement controls to prevent recurrence of similar situations.; ; We respond to the security or privacy incidents you report to us. For general incidents, we will notify users through our blogs, forums, and social media. For incidents specific to an individual user or an organisation, we will notify the concerned party through email (using their primary email address of the Organisation administrator registered with us).

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Users can log in to ManageEngine Mobile Device Manager Plus through a two-step process. First, they are verified using their credentials. If that initial verification is successful, they may then need to provide additional authentication factors (MFA) depending on the administrator's configuration. Users can also log in via SSO support for Google, LinkedIn, GitHub, Apple, Yahoo, Microsoft, or Slack.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Description of management access authentication: We employ technical access controls and internal policies to prohibit employees from arbitrarily accessing user data. We adhere to the principles of least privilege and role-based permissions to minimise the risk of data exposure.; ; Access to production environments is maintained by a central directory and authenticated using a combination of strong passwords, two-factor authentication, and passphrase-protected SSH keys. Furthermore, we facilitate such access through a separate network with stricter rules and hardened devices. Additionally, we log all the operations and audit them periodically.

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 09/08/2022
• What the ISO/IEC 27001 doesn’t cover: Zoho has earned ISO/IEC 27001:2013 certification for applications, systems, people, technology, and processes. ManageEngine is a division of Zoho. Anything else apart from the ones mentioned above are not covered by the ISO/IEC 27001 certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 01/03/2023
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • ISO/IEC 27701
  • ISO/IEC 27017
  • ISO/IEC 27018
  • ISO 22301:2019
  • SOC 2 Type II
  • ESQUEMA NACIONAL DE SEGURIDAD (ENS) - Spain

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: 1) ISO/IEC 27701,; 2) ISO/IEC 27017,; 3) ISO/IEC 27018,; 4) ISO 22301:2019,; 5) SOC 2 Type II and,; 6)ESQUEMA NACIONAL DE SEGURIDAD (ENS) - Spain
• Information security policies and processes: We have a dedicated Compliance team and they conduct internal risk assessments to confirm if the policies are followed. ManageEngine has an established governance framework that supports relevant aspects of information security with policies and standards. Roles and responsibilities for the governance of Information Security within ManageEngine are formally documented and communicated by the management. ManageEngine shall establish, implement, and maintain an information security program in accordance with the international standard ISO 27001 that includes technical and organisational security and physical measures as well as policies and procedures to protect customer data processed by ManageEngine against accidental loss, destruction or alteration, unauthorised disclosure or access,or unlawful destruction. ManageEngine maintains documented information security and data privacy policies and requirements and communicates them periodically to those employees responsible for the design, implementation, and maintenance of security and privacy controls.The policies are reviewed annually to keep them up-to-date. This policy gets verified during our third-party audits like ISO and SOC.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We have the Change Management procedures in place that include the following but are not limited to all the changes to the organisation, applications, systems, people, technology, and processes, information processing facilities that affect information security/privacy. For every change, the security impact is analysed. We maintain Audit logs as evidence of all the changes. Fall-back procedures, including procedures and responsibilities for aborting and recovering from unsuccessful changes and unforeseen events, are documented and communicated. Zoho shall notify the customer of any changes that may affect the customer in an adverse manner.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our dedicated vulnerability management process actively scans for security threats using a combination of certified third-party scanning tools and in-house tools, and with automated and manual penetration testing efforts. Our security team actively reviews inbound security reports and monitors public mailing lists, blog posts, and wikis to spot security incidents that might affect the company’s infrastructure.; ; Once we identify a vulnerability requiring remediation, it is logged, prioritised according to severity, and assigned to an owner. We further identify the associated risks and track the vulnerability until it is closed by either patching the vulnerable systems or applying relevant controls.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We monitor and analyse information gathered from services, internal traffic in our network, and usage of devices and terminals. We record this information in the form of event logs, audit logs, fault logs, administrator logs, and operator logs. These logs are automatically monitored and analysed to a reasonable extent which helps us identify anomalies such as unusual activity in employees’ accounts or attempts to access customer data. We store these logs in a secure server isolated from full system access, to manage access control centrally and ensure availability.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have a dedicated incident management team. We track and close the incidents with appropriate corrective actions. Whenever applicable, we will identify, collect, acquire, and provide users with necessary evidence in the form of application and audit logs regarding incidents applicable.; We respond to the security or privacy incidents you report to us through incidents@zohocorp.com, with high priority. For general incidents, we will notify users through our blogs, forums, and social media. For incidents specific to an individual user or an organisation, we will notify the concerned party through the primary email of the Organisation administrator registered with us.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We've partnered with Equinix to host our UK data centres in London and Manchester. Equinix is also committed to sustainability and is compliant with the Climate Neutral Data Centre Pact, ISO 14001, LEED, etc. The energy supply for the Zoho UK’s workspace at Bletchley is derived from renewable sources, accounting for 21% of total power consumption. LED retrofits have been implemented to enhance energy efficiency throughout the building. Designed with a focus on energy efficiency, data centres that support Zoho UK are powered by renewable energy. Further, these data centres are progressing towards integrating with a solar grid to reduce environmental impacts. All purchased energy for the data centres is sourced from green energy providers. This enables us to minimise the carbon footprint associated with our operations. The United Kingdom has committed to achieving carbon neutrality by 2050. Supporting this pledge, we have taken steps to monitor greenhouse gas (GHG) emissions from our operations and implement measures to mitigate them. We account for Scope 2 and Scope 3 emissions and exclude Scope 1 emissions as our work does not involve fuel combustion within operational boundaries. We've switched completely to electric vehicles for movement within the campus.

  Covid-19 recovery

  During the COVD-19 pandemic, Zoho worked to minimise the impact of COVID on our customers, other business and our local community. At the start of the pandemic, Zoho created and distributed a Secure Remote Access Toolkit to help organisations quickly adapt to and work securely during the pandemic. This toolkit was made free for the first 100 days. To assist organisations impacted by the pandemic, Zoho offered free licenses of flagship products, and offered discounts and waivers on licenses on a case-by-case basis. While most of our employees worked from home, we kept the kitchen at our Chennai headquarters running with a skeletal staff to provide food to underprivileged people in the local area, many of whom were impacted due to a loss of employment during the lockdown. We converted one of our office buildings into a temporary COVID-19 ward to accommodate citizens who were required to quarantine. We ran vaccination camps to our employees, their dependents and the support staff who worked in Zoho.

  Tackling economic inequality

  Zoho has always aimed to tackle economic inequality and give back to the community. This is reflected in the following: Coined by our CEO, transnational localism is the philosophy that underpins our staffing and office location plans. Instead of focusing on crowded urban centres, we've been opening spoke offices in smaller towns and villages. The goal is to improve local infrastructure, boost the economy of these smaller towns and villages, and provide more employment opportunity. As part of our philosophy of transnational localism, we believe in hiring locally for each spoke office. This helps promote local talent and bring high-paying jobs back to the villages and towns where we are based.

  Equal opportunity

  As part of our efforts to tackle inequality, Zoho Corporation Limited have made efforts to provide equal opportunities and tackle workforce inequality. All roles at Zoho Corporation are open to all people irrespective of gender, sex, race, ability, or religion. We hire solely based on skill and have a diverse team. We eschew discrimination on any grounds, including age, colour, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, and other unique characteristics that define our associates. Instead, we espouse, fairness, striving to ensure that a merit-based approach allows wage parity among associates with comparable experiences and responsibilities, irrespective of their gender. Our campus has been designed to be accessible to all, including differently- abled colleagues. The layout design includes ramps and lifts in every building, allowing ease of mobility and access to all. Apart from the usual shuttle facilities, special cab service covering a certain distance is given for women during their third trimester.

  Wellbeing

  Zoho Corporation Limited adheres to industry standards in remuneration, ensuring that compensation is equitable across genders. Recognising the diverse needs of our people, we provide essential support such as parental leave, aligning with our efforts to build an organisation that values and cares for every individual. We have trained medical practitioners and a dedicated medical clinic available on all days of the week. Employees can freely avail their services. The Hazard Identification & Risk Assessment (HIRA) Framework is followed rigorously at the premises. We provide in-house counselling to our employees for free via our team of trained and qualified therapists. We organise free medical check-ups for our employees on an annual basis. We organise regular blood donation camps in association with various blood banks. We have open house sessions conducted by the CEO periodically where employees can raise any concerns. Day Care facilities provided for employees kids. The compliance monitoring framework involves ongoing reviews and enhancements of occupational health programmes, guided by feedback, data analysis, and emerging best practices.

Pricing

• Price: £516 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Users can get a 30-day fully functional free trial to evaluate the product. In addition, we also offer a fully-featured free version that enables users to manage up to 25 devices.
• Link to free trial: https://www.manageengine.com/mobile-device-management/free-trial.html

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at zohouk-gcloud@eu.zohocorp.com. Tell them what format you need. It will help if you say what assistive technology you use.