Contents
MobileIron Support Documentation
Contents
1
INTRODUCTION .............................................................................................................................2
2
COMPONENTS ...............................................................................................................................2
3
ADDING MOBILEIRON USERS AND DEVICES ...........................................................................3
4
5
3.1
ADD VIA BROWSER ........................................................................................................................3
3.2
ADD VIA AN IOS DEVICE ................................................................................................................6
MANAGING APPS WITH MOBILEIRON ........................................................................................7
4.1
ADD AN APP ..................................................................................................................................7
4.2
ADD A NEW VERSION OF AN APP ...................................................................................................10
CONFIGURING THE APP SETTINGS..........................................................................................10
5.1 APPLY SETTINGS .........................................................................................................................10
5.1.1 Configure p-list ................................................................................................................. 10
5.1.2 Import settings via MobileIron .......................................................................................... 11
5.2
LIST OF POSSIBLE PARAMETERS ...................................................................................................14
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 1/15
Introduction
1 Introduction
SIMSme is the Secure Instant Messenger by Deutsche Post AG. Sending messages with SIMSme
Business is guaranteed by Deutsche Post to be absolutely secure and confidential thanks to end-toend encryption. SIMSme Business improves internal communication with colleagues and within
teams, and increases their productivity. Users can exchange text, video, and audio messages, photos,
files and more, confidentially in single or group chats. The service complies with the German data
protection standards and is operated exclusively on German servers. The advantages for you:

One messenger for the entire mobile communication within the organisation.

Fast and secure real-time communication increasing team and project efficiency

Clear separation between work-related and private communication between colleagues

Controlled communication and security settings via Mobile Device Management.

Hosted and operated by DPAG on German servers (BDSG compliant, ISO certified)
The app can be managed easily for the entire organisation, which means that compliance is ensured.
Whether you have a BYOD policy for your employees or supply them with company phones, or use a
combination of the two - with SIMSme Business, you can be sure of secure company-wide
communication.
2 Components
The following components are needed for using the SIMSme Business app with AppConfig via the
Mobile Device Management Platform by MobileIron:
MobileIron Administration Platform - A server-based console by MobileIron that enables companies
to automatically configure AppConfig-supported apps like SIMSme Business, distribute them within
the organisation, define usage guidelines, manage app functions and delete the application on certain
devices as necessary.
AppConfig Community - The AppConfig community facilitates the introduction and use of mobile
enterprise applications under one unified approach. The comprehensive configuration and security
options are based on the Managed App Configuration provided by Apple for iOS 7 and later versions.
SIMSme Business iOS App - The Standard Business Version of SIMSme for iOS supports Managed
App Configuration and enables the setting of the parameters as described in this document. The app
is available to download from the iTunes App Store and requires a user licence, which can be ordered
via the SIMSme website.
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 2/15
Adding MobileIron users and devices
3 Adding MobileIron users and devices
3.1 Add via browser
1. Open the MobileIron console in your browser and log in.
2. To add a new user, select the Devices & Users tab and go to Users.
3. On the Users tab, click the Add / Add Local Use’ button, enter the user's information and save by
clicking Save.
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 3/15
Adding MobileIron users and devices
4. The user will then have been added successfully.
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 4/15
Adding MobileIron users and devices
5. To add a device, go to the Devices tab and open Add / Single Device. Select the desired user and
the device platform in the template and confirm by clicking Register.
6. The login information will be shown and sent to the email address previously provided.
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 5/15
Adding MobileIron users and devices
3.2 Add via an iOS Device
1. Open the browser of the
iOS Device, enter the URL
from the email and confirm
with Get App.
2. Install the app from the
App Store.
4. Enter server and
password
5. Confirm the registration
6. Accept the data
protection policy by
clicking Continue
8. The browser will be
opened again and
display a notification
telling you the installation
was successful
9. The MobileIron App will
be available on the iOS
device once the profile
installation is completed.
10. The status of the
connection to the MDM
can be viewed via the
MobileIron app.
The -evice is now
available on the console
3. Enter username
7. Fully install the profile
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 6/15
Managing apps with MobileIron
4 Managing apps with MobileIron
4.1 Add an app
1. To add an app such as SIMSme Business to the MobileIron console and distribute it to users’
devices, select the Apps tab and click Add.
2. Select Apple iTunes as the source or In-House for customised apps.
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 7/15
Managing apps with MobileIron
3. Search for SIMSme Business in the app directory and tap the app. The application will now be
shown under the source iTunes in the app catalogue. Select the application from the app catalogue
and confirm by clicking Apply to labels under Actions.
4.
To apply a device label to the application, select, e.g. the iOS label from the list and confirm with
Apply.
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 8/15
Managing apps with MobileIron
5.
To distribute the application to the users, select the application in the app catalogue and select
the function Send Message under Actions.
6.
Check if "Send request for both installations and updates" is enabled and confirm with Send.
7.
After a short time, a push notification that invites the user to install the application will be shown
on the assigned devices.
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 9/15
Configuring the app settings
4.2 Add a new version of an app
The process for adding a new version of an app is the same as that for adding an app (see 4.1). If the
app has the same bundle identifier and provisioning profile, sending an update request will share it
across the devices assigned to the label. Uploading a new version is only possible when the version
number and revision number are higher than that of the existing application.
5 Configuring the app settings
To configure the app settings provided through AppConfig, the MobileIron console will import the p-list
(Property list) with the possible SIMSme Business parameter configurations.
5.1 Apply settings
5.1.1
Configure p-list
1. To make the desired settings in the p-list, please open a text editor to edit the p-list. The
screenshot shown here shows how the file can be opened on a Mac using Xcode under (File / New
/ File...). Select the p-list from your local files - you can see a template of the p-list in the download
area at the SIMSme website.
2. You can now add data to the p-list by specifying the Key, Type and Value and configure it in
accordance with your IT security policies. You can see a list of possible parameters under 5.2.
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 10/15
Configuring the app settings
5.1.2
Import settings via MobileIron
1. To import the configuration defined through the p-list and to effectively apply them to the app, open
the tab Policies & Configs.
2. Under the Configurations tab, select the Add New button, select iOS and OS X from the drop-down
menu and then select Managed App Config.
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 11/15
Configuring the app settings
3. In the New Managed App Config Setting, enter a name e.g. MDM_SIMSme, the bundle ID and the
save location of the p-list and confirm with Save.
4. Select the newly-created configuration, tap the button More Actions and select Apply to Label from
the opened drop-down menu.
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 12/15
Configuring the app settings
5. In the list, assign a label to the newly-created configuration, e.g. iOS, and confirm with Apply. The
configuration will then come into effect for the label and app, and will be applied app-side to the
user interface and functions as specified.
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 13/15
Configuring the app settings
5.2 List of possible parameters
No.
Key
Type
Range of
values
Description
1
disableNoPwLogin
Boolean
true/false
Toggle "Ask for password on
startup" is disabled and implicitly
set to true Any keychain entries
are removed See note 2)
2
simsLockApplicationDelay
Integer
0-10
The setting will be applied 1:1 to
the settings Setting "Ask for
password after...’" is disabled
3
forceComplexPin
Boolean
true/false
The toggle "Simple code" is
disabled. See note 3)
4
simsPasswordTries
Integer
3,5,10
When set, the Delete Data setting
is disabled
5
disableSaveToCameraRoll
Boolean
true/false
When set, the Secure Media
setting is disabled
6
disableSendMedia
Boolean
true/false
When this setting is enabled, it will
only be possible to send texts.
7
disableOpenIn
Boolean
true/false
When this setting is enabled,
images and videos can no longer
be saved and files can no longer
be shown.
8
passwordMinLength
Integer
0-99
See note 3)
9
passwordMinSpecialChar
Integer
0-99
See note 3)
10
passwordMinDigit
Integer
0-99
See note 3)
11
passwordMinLowercase
Integer
0-99
See note 3)
12
passwordMinUppercase
Integer
0-99
See note 3)
13
passwordMinClasses
Integer
0-4
See note 3)
14
passwordMaxDuration
Integer
0-65535
See note 4)
15
passwordReuseEntries
Integer
0-100
See note 5)
16
disableExportChat
Boolean
true/false
When this setting is enabled, the
chats can no longer be exported
as a text file.
Note 1) Simple settings are saved in the NSUserDefaults. If the MDM configuration for this is changed,
then the settings will will be applied to the NSUserDefaults.
Note 2) If TouchID or "Startup without password" are disabled, then the relevant keys in the KeyChain
will also be deleted.
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 14/15
Configuring the app settings
Note 3) If the configuration for passwords is changed, the password will be requested shortly after.
This occurs regardless of whether or not the password is always requested upon startup. This is
necessary because we only save passwords indirectly and do not wish to make information about
passwords available to an attacker. The old password will then be checked against the password
policies. If it no longer complies with the password policies, the user will be forced to change their
password. The new password will of course also be checked to make sure that it complies with the
policies.
Note 4) Upon changing a password, the expiry date of the password will be calculated based on the
current date and the MaxDuration. For performance reasons, the device date will be used. If the
setting is changed, a new expiry date will be calculated.
Note 5) In order to realise this feature, it is necessary to securely hash the passwords on the device.
The password will then be hashed via Bcrypt with a fixed number of iterations. The hashed passwords
will not be saved directly, but encrypted using an AES key. The AES key itself is encrypted using the
device’s RSA key.
If you have any questions about the steps or possible parameters described in this document, please
contact our support team at [email protected].
Version 1.0 I As of August 2016 I [email protected] I www.sims.me/business 15/15