Introduction

In this article,  you will learn how to auto block and wipe inactive mobile devices in Google Workspace  using the Foresight Automation tool , providing enhanced security and efficiency. In today's digital landscape, ensuring data security is paramount. With the increasing use of mobile devices in the workplace, it becomes crucial to manage and protect these devices effectively.

Your Google Admin Console > Devices > Mobile page may have hundreds or thousands of devices. Those mobile devices which do not sync for a long time (30 days or 45 days) may put your corporate data in risk. It opens up a security hole for unauthorized access to the corporate data on the original devices.

Inactive mobile devices in Google Workspace is a security risk
Inactive mobile devices in Google Workspace is a security risk

To mitigate the risk of data leak, there shall be an automated way to report, block and wipe these inactive mobile devices on time. Google is aware of the problem and provides some options.

With that said, certain Google Workspace editions limit these options, and the features are exclusively available on Android. The security features aren't flexible enough.

This article demonstrates how xFanatical Foresight can help you automate reporting, blocking and wiping inactive mobile devices with your needs.

Introducing xFanatical Foresight Automation tool

xFanatical Foresight Automation tool is a powerful tool within Google Workspace that offers comprehensive device management features. This tool allows administrators to create automated workflows, enabling them to perform various actions based on predefined conditions. One such action is the ability to automatically block and wipe inactive mobile devices, providing an added layer of security.

Video demo

Rule Creation

  1. Log in to your xFanatical Foresight account with your Google Admin account. 
  2. Go to the Rules page and click the New Rule button.
  3. Select the Mobile device turned inactive  trigger from the select a trigger screen.Select the Mobile device turned inactive trigger from the select a trigger screen
  4. In the Edit trigger screen,enter the exact number of inactive days after which you wish a mobile device is considered as inactive, 15 days, 30 days, 45 days, 60 days etc.
  5. Click Next.Enter the exact number of inactive days after which you wish a mobile device is considered as inactive
  6. In the Select an action screen, select Get mobile device info action. In the Select an action screen, select Get mobile device info action.
  7. In the Edit actions screen, In the Device id field, select the Device ID variable from the drop down. In the User primary email field, select the Device user email variable from the drop down.
  8. Click Add next action.
  9. In the Select an action screen, select Block mobile device action.Select Block mobile device action
  10. In the Edit actions screen, select the Device ID variable in the Device id field, select the Device user email variable In the User primary email option from the drop down list.In the Device id field, select the Device ID variable from the drop down. In the User primary email field, select the Device User Email
  11. Click Add next action.
  12. In the Select an action, screen select the Wipe mobile device action.Select Wipe mobile device action
  13. In the Edit actions screen, select the Device ID variable in the Device id field. Select the Device user email variable in the User primary email field.
    • In the Device wipe type option, select Wipe an account from the device.In the Edit actions screen, select the Device ID variable in the Device id field. Select the Device user email variable in the User primary email field
  14. Click Add next action.
  15. In the Select an action screen, click the Email action.In the Select an action screen, click the Email action
    • In the To field, Enter the email addresses of the administrators who receive the inactive mobile device reports.
    • Specify the subject of the email in the Subject field.Select the To field. Specify the subject of the email in the Subject field
    • Compose an email in the Email body field. If you need to include dynamic data such as the user's full name, device model, operating system, first sync time, or last sync time, click the icon to insert the available variables.
    • Click Review.Compose an email in the Email body field
  16. Enter the Rule name, click Create.

Rule Triggering

Once your rule is created, it will automatically trigger if any mobile devices haven't synced for the specified number of days. When this happens, you will receive notifications within the xFanatical Foresight Automation tool immediately. If no devices meet the criteria right away, the system will continue monitoring and will notify you when an event occurs in the future.

For each inactive mobile device identified:

  • The user of the device will receive an email notification.
  • The administrators will receive an email notification.
  • The mobile device will be blocked and wiped to ensure security.xFanatical Foresight rule to Auto block and wipe inactive mobile devices in Google Workspace
    xFanatical Foresight rule to Auto block and wipe inactive mobile devices in Google Workspace

Benefits and Efficiency Gains

The automated block and wipe functionality offered by xFanatical Foresight Automation tool brings several benefits to organizations:

  • It enhances data security by minimizing the risk of unauthorized access to company information. 
  • Streamlines device management processes, reducing the administrative burden on IT teams. With automated actions in place, manual intervention is no longer necessary, saving time and resources.

Conclusion

The xFanatical Foresight Automation tool for Google Workspace provides a robust solution for auto-blocking and wiping inactive mobile devices. By implementing xFanatical Foresight Automation tool, organizations can significantly enhance their data security and reduce administrative overhead. Safeguard your organization's sensitive information with the power of Foresight Automation.

Notes

  • You can create different rules for different inactivity timeout days. For instance, create a 7 days inactivity rule to Email inform the user the company's mobile device policy. And create a 15 days inactivity rule to block mobile devices. If the users don't react to the warning and still do not turn on and sync their mobile devices, their mobile devices would be blocked.
  • If your rule does not trigger, one common cause is the mobile devices' last sync time is not exactly the inactivity timeout you set.
  • You can customize the rule to conditionally block or wipe inactive mobile devices using the IF action after the Get mobile device info. The Get mobile device info action outputs many variables, like Device type, Device Status, OS Security Patch Date, Brand, OS Version etc.
  • The Wipe mobile device action's Device wipe type is device-specific. Not both options are available. You're recommended to read the Google documentation Remove corporate data from a device.

Try a 14-day free trial with Foresight and manage your tasks. 

You may also like

Share on LinkedIn Share on Reddit Share on Pinterest