Skip to content

Secure Mobile Microsoft 365
Applications with


SureMDM Support for Microsoft 365

42Gears UEM simplifies the configuration of Microsoft 365 email and deployment of Microsoft 365 applications on both employee-owned and corporate-owned mobile devices. Configuring Microsoft 365 outlook email is as simple as configuring a profile on the SureMDM console and pushing it to a device/set of devices. Microsoft 365 applications can be deployed using the enterprise app store feature.

Managing Microsoft 365 Apps and Email Security


Defining and enforcing security policy framework across all emails and mobile apps are of utmost importance to the IT department. SureMDM provides a platform to configure business email deployments securely on business approved devices, which enables employees to access business emails from their mobile devices without compromising data security.

Device Enrollment


Depending upon whether an organization is using Cloud Authentication or Federated Authentication, IT admins can configure SureMDM to authenticate end-users before they enroll their devices. This can either be SAML or OAuth-based authentication.

Certificate-based Authentication


Accessing corporate emails on personal devices offers a level of convenience and improves productivity. However, it may also pose many challenges, such as ensuring security over unsecured networks, deploying emails across multiple mobile devices and restricting them against unauthorized access. Certificate-based authentication helps corporates deal with such challenges. Certificates deployed on devices allow employees to access business emails on their devices. Failing to comply may restrict access to emails.

Mobile Email Management (MEM)


Allowing email access to only certificate-deployed devices doesn’t secure emails completely. Corporate emails can be leaked via other email accounts configured on the user’s device. To curb this possibility requires an extra level of security known as Mobile Email Management (MEM).

The MEM feature in SureMDM disallows users from accessing emails through secondary email clients except for the approved email client that supports required security controls. From the Microsoft 365 Admin center, IT admins can disable email access for all mobile email clients by default. When devices enroll into SureMDM, employees will automatically get email access on the pre-approved email client on the device.

Data Loss Prevention (DLP)

  • Data transfer Policy - Configure restriction policies in Microsoft 365
  • Encryption Policy - Encrypt and secure corporate data transfer 
  • Functionality - Set rules for content sharing
  • Access Permissions - Set up conditional access requirements

By deploying Microsoft 365 apps through SureMDM, 42Gears enforces containerization of applications to prevent data loss. The containerization policy denies users from sharing Microsoft 365 data to personal apps. 42Gears offers different containerization controls for different operating systems such as Apple iOS, Android and Windows.


Apple iOS: 42Gears supports containerization for Apple managed apps to prevent data loss from work and personal apps. Users are not allowed to exchange emails between work accounts and personal accounts. It also prevents email attachments from being saved into personal apps.


Android: 42Gears offers containerization for Android devices, which enables Microsoft 365 apps and email to be deployed inside an email app container. It prevents data leakage between work and personal apps, ensures Microsoft 365 data is encrypted, managed and can be remotely wiped. Moreover, businesses can enforce advanced DLP features, such as restrictions on screen capture and copy/paste.


Windows: 42Gears offers containerization for Windows devices to ensure emails are set up only on managed devices and can be wiped remotely.