Centrify has released DirectControl for Mobile, a cloud-based service that manages iOS and Android using Microsoft Active Directory. It enables administrators to apply Active Directory security group policies to smartphones and tablets, including remotely locking and wiping devices and password authentication for company networks and services, Wi-Fi, and remote VPN access. DirectControl for Mobile also provides information about what software is running on the devices and whether the devices have been jail-broken.
The data is stored in Active Directory, and management is done from within the standard Active Directory consoles. There is also another management component, the Cloud Manager, that enables the enforcement of Active Directory policies even when a device isn't connected to the network. Cloud Manager also enables an administrator to see what Apps are installed. Centrify has some screen shots of this at its web site.
Analyst Mark Diodati of Gartner, Inc., described how the service works:
Centrify provides an identity bridge that monitors Active Directory for changes, then feeds those changes to a SaaS-based service that abstracts the complexities of mobile device interactions.
Existing Active Directory users can self-enroll their devices without an administrator's intervention. Devices are assigned to a current Active Directory user. The device is automatically de-provisioned when the Active Directory account is disabled or deleted.
Although there are quite a few other mobile device management (MDM) systems available, Centrify DirectControl for Mobile is the first to use Active Directory as the policy management framework. There is additional infrastructure required to be installed on the corporate network.
Centrify also offers a suite of products for integrating Mac OS X, Linux, and Unix devices into an Active Directory domain. DirectControl for Mobile costs $24 per device annually.