Android Enterprise (AE) MDM

Android Enterprise Validated MDM: Codeproof aligns with Google’s program requirements across work profile, fully managed and dedicated deployments.

Android Enterprise is Google’s modern framework for managing Android at work. Codeproof integrates natively with AE to help IT onboard devices faster, enforce security policies, distribute apps via Managed Google Play, and keep fleets compliant.

  • Modes: BYOD work profile, fully managed, and dedicated (kiosk)
  • Enrollment: zero-touch provisioning, QR code, and EMM token
  • Security: runtime permissions, FRP, web filtering, Play Protect & Safe Browsing
View Pricing Talk to Sales
Codeproof console managing Android Enterprise work profile, fully managed and kiosk devices

Enrollment Options

EMM Token

Enroll Android 6.0+ quickly with an enrollment token—ideal for smaller batches and devices without NFC.

QR Code

Scan to enroll in device owner or profile owner mode—perfect for rugged fleets and email-free workflows.

Zero-touch Provisioning

Ship devices pre-configured with management, apps, and network settings—no manual setup required.

Tip: See Android zero-touch enrollment for step-by-step guidance.

Android Enterprise enrollment via token, QR and zero-touch

Android Enterprise Device Management

Enterprise Use Cases

BYOD Work Profile (Profile Owner)

Keep personal and work separate by securing a work container for managed apps, data, and policies—preserving user privacy.

Fully Managed (Device Owner)

Company-owned deployments with advanced controls not available to BYOD—ideal for corporate and frontline operations.

Dedicated Devices (Kiosk)

Lock to one or a set of apps for single-purpose scenarios (retail, signage, ticketing, inventory). Formerly COSU.

Work profile, fully managed, and dedicated (kiosk) modes in Android Enterprise

Key Management Features

Policies & Restrictions

Control Wi-Fi, Bluetooth, USB, roaming, camera, system updates and 100+ settings. Apply at group level and auto-inherit for future devices.

Managed Google Play

Silently install, update, or remove apps; push private web apps and managed configurations—no user prompts required.

Allow/Deny Lists & Chrome Controls

Whitelist/blacklist apps and browsers, centrally configure Chrome, and block risky sites.

Contacts, Email & Updates

Publish corporate contacts; configure Exchange/Office 365 and IMAP/POP; schedule OS updates and patches.

Helpdesk & Remote Actions

Lock, locate, wipe, and troubleshoot remotely—plus alerts, webhooks, and scheduled reports.

Android Enterprise Security

Factory Reset Protection (FRP)

Deter unauthorized device resets on company-owned devices with FRP policies and controls.

Block Preloaded Apps

Disable unwanted OEM apps to reduce attack surface and conserve data/battery.

Runtime Permissions

Set and enforce app runtime permission policies and grant states at scale.

Android Enterprise security: FRP, permission policies and app controls

Web Filtering & Site Blocking

Create allow/deny lists and apply safe browsing rules to keep users away from risky domains.

Google Play Protect

Leverage malware protection signals from Google Play Protect to reduce exposure to harmful apps.

Google Safe Browsing

Warn users about unsafe websites or downloads using Safe Browsing integrations.

Dig Deeper

Explore enrollment, Android Enterprise, BYOD, APIs, and the broader MDM platform.

Android Enterprise FAQs

What is Android Enterprise and why use it with MDM?
Android Enterprise (AE) standardizes how EMMs enroll devices, enforce policies, distribute apps via Managed Google Play, and separate work and personal data across BYOD work profile (profile owner), fully managed (device owner), and dedicated (kiosk) modes—improving security, user privacy, and compliance.
Which device modes are supported?
BYOD work profile, fully managed (company-owned), and dedicated (kiosk/single-purpose) devices.
Does MDM enrollment require a Gmail account on the device?
No personal Gmail is required for Android Enterprise enrollments. MDM uses managed Google Play accounts (created by the EMM) or zero-touch/QR/token provisioning to enroll without personal Google sign-in.
Can I enroll devices without touching them?
Yes — use Android zero-touch to ship devices pre-configured with management, apps, and settings.
What is Android Enterprise registration and why is it needed?
Android Enterprise registration (enterprise binding) connects your MDM tenant with Google. It enables Managed Google Play, app approvals, and AE enrollment methods at scale.
How are apps distributed?
Through Managed Google Play: silently push, update, or remove apps and configure managed app settings remotely.
What security features are included?
Runtime permissions, FRP, web filtering and Chrome controls, Google Play Protect, and Google Safe Browsing—plus remote lock/locate/wipe and compliance reporting.
What is Work Profile?
Work Profile creates a managed container on a personal device (BYOD). Corporate apps/data live in the work side; personal apps/data stay private and separate.
What is Fully Managed?
Fully Managed (device owner) is for company-owned devices used primarily for work. IT controls settings, apps, updates, and security baselines across the whole device.
What is Lock Task Mode?
Lock Task Mode (kiosk) pins the device to one or a limited set of apps and restricts system UI (home, recents, status bar), keeping users focused on a single-purpose workflow.
What is DO (Device Owner)?
Device Owner is the Android Enterprise management mode for company-owned devices, giving the MDM full control (policies, apps, updates). It underpins fully managed and dedicated (kiosk) deployments.
What is COPE?
COPE (Company-Owned, Personally Enabled) combines company ownership with personal use. IT manages the work profile and device posture while users keep a separate personal profile.
What is COB/COBO?
COBO (Company-Owned, Business-Only—sometimes shortened as COB) is a fully managed deployment where devices are locked down for work use only (no personal profile).
What is a DPC (Device Policy Controller)?
The DPC is the management agent app on the device that applies MDM policies, enforces restrictions, and communicates with the MDM server (EMM).
What is Device Admin?
Device Admin (legacy Device Administration API) is the old Android management model. It’s deprecated in modern Android; Android Enterprise is the recommended approach.
What is FRP (Factory Reset Protection)?
FRP prevents unauthorized use after a factory reset by requiring the previous Google account or approved admin credentials. MDM can configure FRP behavior on managed devices.
What is Google Play Protect?
Google Play Protect provides Google’s built-in malware scanning and app verification services. MDM can require Verify Apps and surface security signals for compliance.
What is AfW?
AfW (Android for Work) is the former name for Android Enterprise. The modern program is Android Enterprise (AE).
What is Token Enrollment?
Token enrollment uses an enrollment token (or DPC identifier) during setup to download the DPC and auto-provision the device into MDM with the right policies and apps.
What is QR Code Enrollment?
During setup, the device scans an IT-provided QR code containing the DPC and configuration. The device then enrolls automatically into work profile, fully managed, or dedicated mode.

Customer stories

Bob Baerwalde, CTO, United Taxi

"Throughout my experience with Codeproof, it has worked flawlessly. Even more importantly, Codeproof support is unrivaled."

— Bob Baerwalde, CTO, United Taxi

CJ Brown, Vice President, Operations at Regional Express Inc.

Working with Codeproof has been a relief, it allows our company to have control over software and devices and visibility to ensure our employees have the proper equipment to do their job each and every day.

— CJ Brown, Vice President, Operations at Regional Express Inc.

Patrick Delaney, Daniel Mullins Trucking

We didn’t make a single compromise to get the protection we wanted and needed.

— Patrick Delaney, Daniel Mullins Trucking

Rachel Gutzke, Champion National Security

We have site phones that we need locked and tracked. We have recovered lost or stolen phones...and pushed new apps remotely.

— Rachel Gutzke, Champion National Security

Dylan Smith, Aculabs Inc.

The Codeproof platform not only assists in fleet management, it has made retrieving company property far more reliable.
Customer support is always accessible, and the team consistently goes out of their way to ensure the MDM platform meets all of our needs.

— Dylan Smith, Aculabs Inc.

Marvin Martin, Compass Foundation

Codeproof had the right balance of easy individual device configuration and group-level settings, as well as an excellent support team and willingness to add new features to meet our needs, all at a competitive price.

— Marvin Martin, Compass Foundation

Natalie McCall, Director, Finanace & Business Operations.

Having our employees work in remote locations, Codeproof has really helped us manage our devices...They are very helpful and detailed when explaining thing.

— Natalie McCall, Director, Finanace & Business Operations.

Merle Bauman, MWPOL

Codeproof has made device management much easier than some larger MDM solutions. From the beginning of our trial Console, up to the present, we were able to easily contact the development team at Codeproof with any ideas for improvements.

— Merle Bauman, MWPOL

Pamela Ward, Account Manager II, Sprint

With Codeproof, the first thing I noticed is that the UI is much more intuitive and simpler to navigate. I feel like there are as many, if not more, features available to me in Code Proof but they are a little easier to find.

— Pamela Ward, Account Manager II, Sprint

Lori Yamaguchi, Executive Director, Always Dream Foundation

Foundation is so grateful for the partnership with Codeproof and their willingness to support students and families in need of literacy resources. While our technical needs are likely less than that of other companies, we have found great value in the Codeproof product.

— Lori Yamaguchi, Executive Director, Always Dream Foundation

Irvyn Mamwell, Mobile/Asset Management IT Manager, TetraTech

Codeproof has great customer support. If there is an issue, or if we need assistance with anything, they are very quick to respond and lend a hand.

— Irvyn Mamwell, Mobile/Asset Management IT Manager, TetraTech

Terry Peters, Director Product Development & Project Management

Terrapin Pharmacy’s Executive Management and Technology Developers would be extremely likely to recommend Codeproof to others based upon the interactions we have had with the Codeproof team and the can-do culture within their organization.

— Terry Peters, Director Product Development & Project Management

William Burke, IT Director and CISO at Gersh Management.

Codeproof is a very comprehensive MDM product. We received great service at all times from their technicians when we had issues. They are continually working on improving the product with feedback from customers like us, so we can have better control of our remote equipment.

— William Burke, IT Director and CISO at Gersh Management.

Tracy Slattery, District Teacher Coordinator - Assessments & Technology, Atlantic City School District

[An] upbeat, well-organized, and helpful company. Codeproof provided superior customer support during a time of uncertainty.

— Tracy Slattery, District Teacher Coordinator - Assessments & Technology, Atlantic City School District

Daramid Mercado, Director of Information Technology at Miami Beach Medical Group

Codeproof has been an asset in maintaining security, control and reducing liability of our mobile devices by allowing us blanketed control of our mobile fleet at all times regardless of day and location. It will continue to be the foundation for our mobile security for now and the future. Their security options and scalability is priceless.

— Daramid Mercado, Director of Information Technology at Miami Beach Medical Group

<b>Jeffrey Falkingham</b>,<br>Owner of NHBlackLabs Delivery LLC

I chose Codeproof over other players in the market because it's simple and customizable dashboard caters to the needs of my business. Codeproof tries to find solutions and treats you as partners rather than just a customer.

Jeffrey Falkingham,
Owner of NHBlackLabs Delivery LLC

Krishna Sharma, Senior Lead - Cyber Security, Innovapptive Inc.

I chose Codeproof for our internal MDM solutions over other options because the case study and utilization of the system were very understandable. It decreased our potential costs related to device investments while increasing device security and reducing operational costs.

— Krishna Sharma, Senior Lead - Cyber Security, Innovapptive Inc.

aculabs
champion
compass
daniel mullins
horizon
mwpol
sprint
tetratech
always dream
spacex
t-mobile
alliance schools
piper fire
canadian armed forces
nissan
sims crane
university academy school
terrapin

Maximize employee productivity through Codeproof

Start free 14-day trial Book a live demo