You should give Hexnode UEM a go. You can have complete control over your devices once you enroll them in Android Enterprise with QR code enrollment or any of the other methods available in Hexnode. After the initial permission approvals, you can sit back and relax. All your devices can be managed remotely from the web-based console.
Hexnode has several device management capabilities including kiosk lockdown. You can even customize a set of peripheral settings that can be accessed from within the kiosk mode. Hexnode also supports deployment and auto-update of store, in-house, and managed apps. Enterprise apps can be updated even when the device is in kiosk mode.
Hexnode also offers Android Enterprise functionalities like work profile password enforcement, device restrictions, app configuration and permissions set up, silent certificate installation, OS updates scheduling, file management, etc. You can try out all these features by signing up for Hexnode’s 30-day free trial. If you’ve got any more concerns, you can explore their vast knowledge base or approach their always-available technical support team for help.
We do not have a dedicated IT team for identity management and have been using Hexnode’s Identity and access management features which is included in its MDM package. There, I could make use of Azure AD integration with Apple Business Manager to make it easier for employees to log in to devices.
Apple does not have federation with Google as of now, which means you cannot use your G Suite account to log on to Apple devices by using them as managed Apple IDs. Hexnode proved to be a stellar addition to protect our company against security attacks and data leakage. They have a dedicated <strong>Data Loss Prevention</strong> policy that can be configured to ensure company data stays within the safety of corporate devices.
I highly recommend trying Scalefusion MDM, which lets you secure, control, and manage Android devices from a cloud-based dashboard. A bundle of useful features is also provided, including those you need. A centralized and easy-to-use dashboard, 24/7 customer support, customization, and a low price distinguish this product. Scalefusion Named as a Leader in G2’s MDM Grid Spring 2021.
I highly recommend trying Scalefusion MDM, which lets you control and manage multi-OS devices such as Android, iOS, macOS & Windows 10 from a cloud-based dashboard. A bundle of useful features is also provided, including those you need. A centralized and easy-to-use dashboard, 24/7 customer support, customization, and a low price distinguish this product. Scalefusion Named as a Leader in G2’s MDM Grid Spring 2021.
Using an MDM solution as an Android Device Manager can allow admins to silently install and update apps, block or allow essential apps, and configure a private Enterprise App Store. Furthermore, IT admins can push content over the air through a File Store or use containerization to ensure content remains secure.
For more info: https://scalefusion.com/android-mobile-device-management
Yes, app data usage of each device can be tracked on the Scalefusion DeepDive. IT admins can get an overview of the average data usage by the entire device inventory and also see the last connection status of the device inventory.
Furthermore, IT admins can schedule a data usage workflow for Android and iOS devices and set a data usage limit. Whenever a device consumes more data than the defined threshold, an alert is sent to the device and a report of the same is automatically sent to the admins.
You cannot unenroll a Mobile Device Management(MDM) profile from your handheld devices if the device has been solely deployed or given to you by an employer organization. MDM profiles are enrolled, preconfigured or pre-installed by an organization and then distributed among employees for work purpose. The purpose of implementing MDM solutions is to remotely manage device usage and to ensure secure access or use of corporate data on the devices, thus preventing breaches and facilitating productive use of the devices.
Whenever you'll apply policies on devices then you'll have to grant access permissions to device work properly. I would recommend using Scalefusion Kiosk Software for your requirement, it'll help you to ease the lockdown process by creating a profile where you can set all the restrictions on the device as well as group level. After the device enrollment(you can able to enroll devices with multiple methods including what you mentioned above), you don't need to reset the device again.
Google's AMAPI does infact use an application just as every other EMM, it's the Android Device Policy app.
https://play.google.com/store/apps/details?id=com.google.android.apps.work.clouddpc
More and more OEMs are preloading this as part of GMS (Google certification) which helps Google's message of it being "Android OS" doing all the work given it's there out of the box already, but it's very much following the norm for Android Enterprise management.
Could this work?
​
https://play.google.com/store/apps/details?id=mobi.biko.exchained&hl=en_US
​
​