Need to remotely manage your mobile devices? Our enterprise level device management platform has you covered.

Policy + App Policy + AMAPI = Ultimate Remote Device Control

This formula encapsulates how we leverage the full capabilities of Google's Android Management API (AMAPI) to deliver unparalleled command over your Android device fleet.

Information & News

• Policy: Define granular, device-level security and operational policies – from Wi-Fi configurations and VPN settings to password complexities and screen lock behaviors. Kiosk modes Camera & custom wallpapers & device location.
• App Policy:Extend control to the application level, managing app distribution via Managed Google Play, configuring app permissions, enforcing data loss prevention (DLP) rules, and ensuring compliance within specific corporate applications,with the ability to predefine application settings direct from our console.
• Possibilities, Alongside managing Android devices via AMAPI we have started to explore Apple & Microsoft device management. With the aim of using one common seamless interface for all your device management.

The result? Remote Device Control that is precise, comprehensive, and always at your fingertips, enabling you to secure, provision, and troubleshoot your devices with unprecedented efficiency from a centralized console.

Subdomain Or TLD Domain that is the question!

A crucial decision point in the evolution of Codename Guardian was defining our domain strategy for delivering isolated, secure environments to each of our tenants and partners. The question of whether to utilize subdomains or top-level domains (TLDs) for each instance was central to our architectural planning and commitment to scalability and security. We meticulously weighed the advantages of each approach:

Improvements

Subdomains (e.g., tenant1.yourplatform.com)

• Pros: Simpler certificate management (wildcard SSL), easier for us to manage and provision, clear association with the "Codename Guardian" brand, often more cost-effective.
• Cons: Less perceived "brand independence" for white-label partners (though CNAME records mitigate this).

Top-Level Domains (e.g., yourpartnerbrand.com)

• Pros: Complete brand independence for white-label partners, potentially higher perceived trust.
• Cons: More complex and costly certificate management, higher administrative overhead for both us and our partners, potential SEO challenges.

Ultimately, for Guardian, our commitment to streamlined onboarding, robust security, and seamless management at scale led us to implement a flexible and efficient domain structure. This decision ensures that whether you're a direct enterprise tenant or a white-label reseller, your instance of Guardian operates securely and reliably, backed by our centralized platform.

User Role & Permissions - control measures & security

Project Guardian's multi-tenant architecture is underpinned by a sophisticated user role and permissions system, ensuring that access to device management functionalities is precisely controlled and deeply secure. This granular control is a paramount security measure, safeguarding sensitive corporate data and operations within each tenant's environment.

Improvements

• Granular Role-Based Access Control (RBAC): Define and assign specific roles with tailored permissions, ensuring users only access the data and functionalities relevant to their responsibilities.
• Tenant-Level Isolation: Permissions are strictly enforced within each individual tenant's secure environment, preventing unauthorized access or data crossover between separate organizations.
• Audit Trails: Comprehensive logging of all administrative actions, providing transparency and accountability for every change made within the system.
• Secure Authentication: Integration with robust authentication methods to protect administrative access to the platform.
• Least Privilege Principle: Our system inherently encourages the implementation of the "least privilege" principle, minimizing potential risks by limiting user capabilities to only what is absolutely necessary.

Android Enterprise Integration

Having experience with integrating Android Management Api (AMAPI) helped this part flow without issues. Including PubSub notifications.

Improvements

• Publisher Subscriber patched to enterprise.
• Enabled Notification Types.
• Enterprise Linked to businesses , Allowing tenants to resale their services.
• Managed Google Domain Signup processes.

Scale, Performance & SaaS ...Why not go multi-tenanted!

with a multi-tenant architecture at its core. This wasn't merely a technical choice; it was a strategic decision driven by our commitment to delivering maximum value, scalability, and efficiency to our users.

We recognized that the modern enterprise and the rapidly growing Managed Service Provider (MSP) landscape demanded a solution that could securely and efficiently serve diverse organizations from a single, unified platform.

Improvements, & News.

• Allow a true SaaS product with self-management in mind.
• Scalability - Allows asynchronous tasks and actions from multiple tenants , without impacting performance of the user.
• Security in mind - Separation of data to allow in dedicated data stores & integrations into CRMS/ERP systems.
• Ooooo and why not whitelabel ?

Getting Started Codename Guardian v0.1.0

The journey to empowering seamless Android device management is our goal with a beta release under the codename Guardian v0.10. This version marks a pivotal point in our mission to deliver a robust and scalable. Our POC planed out from the ground up using Google Android Management API.

Our vision for Guardian began with identifying a critical need for a next-generation EMM solution. We recognized the power and future-readiness of the Android Management API and committed to building exclusively on this foundation.