Monitor Enrollment and Activation

You can review users and their devices in the Mobile Threat Defense enrollment smart group in Workspace ONE UEM.

Navigate to Groups & Settings > Groups > Assignment Groups and locate the smart group you created in step 3 of the integration workflow. In the integration workflow example, the smart group name used is Devices in Customer OG but you must select the smart group you created.

Once you locate the smart group you made, select it and set Device Preview to ENABLED to view all the devices in that smart group.

Workspace ONE Mobile Threat Defense polls Workspace ONE UEM for enrolled devices and displays them on the Devices page of the Workspace ONE Mobile Threat Defense Console. Initially, discovered devices have a Status of Pending. As end users open and activate Lookout for Work, the activated devices move out of Pending status and change to Secured.

End User Device Activation

Workspace ONE UEM distributes Lookout for Work as configured in the app’s Assignments tab.

  • Android: If you have pre-granted permissions for Android users and enabled Zero-Click activation from the integration workflow, Workspace ONE UEM installs and launches Lookout for Work app. Lookout for Work activates and starts up without requiring user interaction.

    • If you have pre-granted permissions but not enabled Zero-Click activation, the user must open Lookout for Work. Once they open the app, it activates and starts up.

    • If you have not pre-granted permissions, the app prompts the user to accept them. If an Android user declines permissions, Workspace ONE Mobile Threat Defense cannot provide security coverage, as it requires access to the corresponding information in order to detect threats.

  • iOS: If you have configured Forced Activation for supervised iOS Devices from the integration workflow, the on-device VPN blocks Web traffic when a device attempts to connect to a site via HTTP (HTTPS traffic is permitted). A notification alerts the user to activate Lookout for Work. The user must open the Lookout for Work app, which then prompts for the required permissions and then activates.

    • If an iOS user declines permissions or closes the app, their device is still activated and secured in Workspace ONE Mobile Threat Defense and in your MDM. Lookout cannot alert the user of issues without having device permissions, but it continues to report issues to the Workspace ONE Mobile Threat Defense console.
check-circle-line exclamation-circle-line close-line
Scroll to top icon