MDM Deployment
PocketSOC supports deployment and configuration via Mobile Device Management (MDM) solutions like Jamf, Intune, or Mosyle.
Managed app configuration
When deployed via MDM, PocketSOC reads configuration values from the managed app configuration dictionary. Administrators can enforce the following policies:
| Key | Type | Description |
|---|---|---|
screenRecordingProtectionEnabled | Boolean | Prevents screenshots and screen recordings within the app |
inactivityTimeoutMinutes | Integer | Auto-locks the app after the specified minutes of inactivity (0 = disabled) |
demoModeDisabled | Boolean | Prevents users from using Demo Mode |
How it looks in the app
When the app detects it is managed by MDM, the Settings screen displays an "This app is managed by your organization" banner showing which policies are active:
- Screen recording protection status (enabled/disabled)
- Inactivity timeout configuration
- Demo mode availability
Deploying via Jamf
- Upload PocketSOC to your Jamf Pro App Catalog or assign it via Apple Business Manager.
- Create a Managed App Configuration plist:
xml
<dict>
<key>screenRecordingProtectionEnabled</key>
<true/>
<key>inactivityTimeoutMinutes</key>
<integer>15</integer>
<key>demoModeDisabled</key>
<true/>
</dict>- Assign the configuration to your target devices/groups.
- Deploy.
Deploying via Intune
- Add PocketSOC as a managed iOS app in Intune.
- Under App configuration policies, create a new policy.
- Add the configuration keys listed above.
- Assign to your device groups.
Notes
- MDM configuration is read on app launch and when the app returns to the foreground
- Users cannot override MDM-enforced policies
- MDM configuration does not replace portal sign-in — users still need to authenticate through the portal to access vendor data