Skip to main content

MDM Connectors

  • Updated

Managing Shadow IT with MDM Integration in Productiv

Overview
With Mobile Device Management (MDM) integrations, Productiv extends its capabilities to help you manage shadow IT more effectively. By connecting Productiv to your MDM platforms, you gain visibility into apps being installed on company-managed devices and the users installing them. This feature empowers IT teams to:
  • Identify unauthorized applications.
  • Monitor app installations for compliance and security.
  • Take actionable steps to ensure SaaS compliance across the organization.
As of December 2024, Productiv supports integration with the following MDM platforms:
  • Kandji
  • Jamf Pro
Note: Productiv’s MDM integrations are read-only, meaning we retrieve data about app installations but do not perform actions like locking or erasing user devices.
 

Benefits of MDM Integration

  1. Enhanced Visibility
    • Understand which apps are installed on company devices.
    • Identify the number of users installing specific applications.
  3. Streamlined App Management
    1. Access number of users with app installations directly in the Productiv App List page
    2. Dive into detailed insights for each app to assess user adoption
  5. Improved Security and Compliance
    1. Detect unauthorized applications that might pose security risks.
    2. Ensure compliance with IT policies by tracking device-level app installations.
 

Using the MDM Integration

1. View Apps in the App List Page
  • Navigate to the App List page on the Productiv dashboard.
  • Apps identified from MDM data will appear alongside existing app data, marked with an MDM data source.
  • You can also see the number of unique users who have installed this app on their devices
image.png
 
2. Inspect App Details (Coming soon)
  • Click on any app to view detailed insights
  • This includes the number and list of users who have installed the app on a company device.
image.png
 
3. Take Action
  - Identify shadow IT risks and follow up with the users or teams involved.
  - Export the data for further analysis or reporting.
  - Run app review workflows in Productiv for apps identified through these integrations.
 

Application Filtering

To ensure the most useful and actionable data is presented in Productiv, the MDM connectors ignore certain kinds of apps that create noise or don’t represent SaaS application usage. The following is a list of all kinds of apps currently ignored by these connectors, alongside technical details of how the connectors determine which apps meet these criteria.
  • Apps developed by Apple
    • This frequently includes apps that are built-in on most or all devices. Having these apps installed on a device does not necessarily indicate the app is being used by any given person.
    • Matches: Apps whose bundle ID begins with:
      • com.apple.
  • Extension or “sidecar” apps
    • Browser extensions or launcher apps.
    • Matches: Apps whose bundle ID begins with:
      • com.google.Chrome. (This does not include Chrome itself)
      • com.microsoft.edgemac.app.
      • com.microsoft.Edge. (This does not include Edge itself)
      • com.parallels.winapp. (Parallels desktop “launcher” shortcuts)
  • Temporary or development apps
    • This includes debug builds of apps generated by Xcode or other developer tools.
    • Matches: Apps whose bundle ID begins with:
      • swift-playgrounds-dev-previews.
    • Matches: Apps whose installed file path begins with:
      • ~/Library/Developer/
      • ~/Library/Caches/
  • iPhone-mirrored and sandbox container apps
    • These apps are not installed directly on the MDM-monitored laptop, but the iPhone mirroring feature in macOS creates application bundles for every app installed on a paired iPhone. Due to the organization of these “app launchers” in the file system, MDM platforms may detect these as “installed apps” even when they are only installed on a paired mobile device instead of the supervised laptop, so Productiv excludes them.
    • Matches: Apps whose installed file path begins with:
      • ~/Library/Daemon Containers/
 
For further assistance or questions, please contact our support team at support@productiv.com.

Related articles

Comments

0 comments

Please sign in to leave a comment.