Within the enterprise setting, it is essential for mobile device administrators to control access to such resources as electronic mail, contacts, calendar data, virtual private network (VPNs), and so on. Specifically, administrators must ensure that only authorized users have access to mobile devices as such devices may otherwise allow unauthorized users to gain access to the enterprise network environment. Enterprise administrators of smartphones, tablets, laptops, and other mobile devices therefore incorporate security measures to prevent unauthorized access to sensitive information and enterprise resources.
To reduce the cost of purchasing mobile devices and corresponding service charges, an enterprise further may allow employees to utilize personal mobile devices under a “bring your own device” (BYOD) policy to access enterprise resources. However, in instances where the corporate device is procured directly by the end user, enterprise administrators must provision the client device while the device is physically within the enterprise network (i.e., behind the enterprise firewall) in order to implement various policies that impose certain restrictions on accessing enterprise resources by client devices. As a result, the organization may incur overhead not only in time allocated for provisioning the device but also in shipping costs and delay to the end user.