Installing the Harmony Mobile Protect App

Permissions for Android Devices

To ensure that the Harmony Mobile solution works as expected on your device, you must provide these permissions when you install Harmony Mobile Protect App. If your organization uses UEM Unified Endpoint Management. An architecture and approach that controls different types of devices such as computers, smartphones and IoT devices from a centralized command point., then the permissions can be granted automatically by the UEM.

Permission	Description
Location Permission	Allows an application to access the device location. Harmony Mobile uses this permission to enrich the threat event reports with location.
Notification Permission	Allows an application to display notifications on the device. Harmony Mobile uses this permission to: Notify mobile devices that a policy update is available so that the policy can be enforced in a timely manner, instead of waiting for the next policy polling time (occurs once per day/24 hours by default). Notify any security event to the end-user and offering mitigation actions for events which require manual intervention from the end-user (For example, delete files, uninstall a malicious or risky mobile app, disconnect from an unsecure WiFi).
Network Permission	Allows an application to intersect the mobile device network traffic. Harmony Mobile uses this permission to bring up a local VPN to inspect the data traffic and mitigate any detected network threat.
Camera	Allows an application to use the device's camera. Harmony Mobile uses this permission to scan QR code in the on-boarding process.
Background Activity	Allows an application to run in the background without being killed by the OS to save battery.
Admin privileges	Required when Harmony Mobile is integrated with Knox Agent on Samsung Android devices.
External Storage	Required if the policy includes storage scan.
SMS Permission	Allows Harmony Mobile to scan SMS messages for malicious URLs.

Installation Procedure

1. Open the Harmony Mobile registration email or the SMS sent by your System Administrator. The email or the SMS contains:

   • Server address and the registration key to register the app.

   • Link and QR code to download the app.

     Sample Email:

     

2. Tap the Download link or scan the QR code.

   The Google Play Store page for the Harmony Mobile Protect App appears.

3. Tap Install.

   

4. Tap Open when the installation completes.

   

   The App registers automatically.

5. Tap Continue.

   

6. Enable the security permissions (based on the security policies Collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources with packet inspection. of the organization).

   

7. Tap Location and then tap the required option.

   

8. Tap Network Protection and then tap OK to allow Harmony Mobile Protect to configure a VPN connection. This is necessary for the functioning of Network Security Protection features such as Safe Browsing and Anti-Phishing.

   

   Note - To protect the user privacy, this VPN does not direct the traffic externally. It keeps all data on the device and uses the VPN functionality only to examine the destination, while it makes sure the device does not connect to malicious or fraudulent locations.

9. Tap Background activity and then tap Allow.

   

10. To enable notification access, tap Enable.

    

11. In the Notification access page, tap Protect.

    

12. Enable Allow notification access.

    

13. Tap Allow.

    

14. To go back to the Protect App, tap the Back button twice.

15. (Optional) Tap Install and install the CA certificate.

    If not required, tap Skip.

    

16. If you are installing the CA certificate, after installation, tap the Back button to go back to the Protect App.

17. The Protect App starts initialization.

    

    

18. When the App completes to examine the system, it displays the state of the device. In this example, the device is without malicious or high risk apps, network and OS threats.