Organizations using the Gmail infrastructure might be familiar with the challenge of securing email endpoints for Gmail and preventing mail from circumventing the secure endpoint. Workspace ONE UEM addresses these challenges by providing a flexible and safe method to integrate your email infrastructure.
In the direct Gmail deployment model, Workspace ONE server communicates directly with Google. Depending on the security needs, you can choose to store the Google password in the Workspace ONE database or remove it from the database.
In the password retention or storing configuration, Workspace ONE UEM stores the Google password in its database. When the device is non-compliant, Workspace ONE UEM resets the password on Google preventing the user from logging into other device. When the device is back to compliant status, Workspace ONE UEM resets the old password on the Google server and the user can log in using the old password.
In the password removal configuration, Workspace ONE UEM does not store the Google password in its database. When the device is non-compliant, the email profile is removed from the user's device preventing the user from receiving emails. When the device is back to compliant status, Workspace ONE UEM triggers a new password, sends it to Google and the device through the email profile.
For more information on how to configure the direct Gmail model, see Integrate Direct Model using Password Management.