Even if you protect your corporate email, Wi-Fi, and VPN with strong passcodes, and with other restrictions, your infrastructure still remains vulnerable to attack, in addition to employee error. You can implement digital certificates, known as certificates, to protect corporate assets.
To do this, you must first define a certificate authority, then configure a Credentials payload alongside your EAS, Wi-Fi, or VPN payload. Each of these payloads has settings for associating the certificate authority defined in the Credentials payload.