What is Android zero-touch enrollment ?

Mobile Device Management, Mobile Application Management
android zero touch

android zero touch

Today, the number of remote working days is increasing. According to a survey by DARES (Direction of the Animation of Research, Studies and Statistics), 67% of employees telework 2 to 4 days a week. It has therefore become common for a new employee to start his new activity from home.

You might remember when every time you would receive a new work-issued Android phone, you had to spend hours configuring it to meet your company’s security and compliance standards. And install all the necessary apps and updates, which is both time-consuming and frustrating.

It is also frustrating from the IT team’s perspective. With no automation, there are only two options. Either receive all new devices and have them configured by the team before they are shipped to employees, or rely on employees and their mixed IT knowledge to configure them by themselves.

What’s more, any manual setup is prone to errors and any local setup isn’t necessarily evolving as fast as company policies.

Relying on manual device setup is therefore a time-consuming endeavour at scale and a looming security risk.

It was more than necessary to find a way to provide them with all the tools they needed to start their activity: in particular a laptop. The Zero-touch enrollment of Android is one of the solutions provided by Google. We are gonna explain how it works!

What is Zero Touch enrollment? 

Android Zero Touch Enrollment is a technology used in enterprise device management to streamline the setup and configuration process of Android devices. It allows organisations to enroll devices into their enterprise management solution remotely, without the need for manual configuration. This technology is designed to simplify the process of deploying and managing corporate-owned devices, making it easier for employees to get up and running quickly and securely.


With Zero Touch Enrollment, devices are shipped directly from the manufacturer to the end-user with the enterprise management solution already pre-installed and configured. Upon activation, the device automatically connects to the enterprise management solution, where the user can quickly and easily access all of the necessary apps and data. The enterprise management solution can also be configured to enforce specific security and compliance policies, ensuring that the device remains secure even after it is in the hands of the end-user.


This technology offers several benefits for organizations. Firstly, it saves time and resources by automating the device setup and configuration process. Secondly, it ensures that all devices are consistently configured and managed, regardless of who sets them up or where they are located. Thirdly, it improves security and compliance by automating the application of security policies and updates, reducing the risk of data breaches and non-compliance.


Overall, Zero Touch Enrollment is a cost-effective and efficient solution for organisations looking to simplify and streamline their device management process. It provides a secure and streamlined way to manage corporate-owned devices, ensuring that employees have the tools they need to be productive, while also protecting the organisations sensitive data and resources.

What are the benefits of Android Zero-touch enrollment?

The overall benefits of Android Zero-Touch Enrollment are:

  1. Streamlined device deployment and setup process.
  2. Automated application of company-specific configurations, reducing manual setup steps.
  3. Increased security and compliance with corporate standards. The minimal manual work with the application of configuration templates reduces human errors during the setup process. Devices also regularly check-in with the EMM platform to adjust or change their configuration if the IT team made changes.
  4. Consistent device configuration across the organization. As devices are usually grouped by function, platform, security clearance or type, it is easier to deploy templates that are consistent, remotely and automatically applied to devices.
  5. Time and cost savings from reduced IT support and manual setup requirements. Zero-Touch basically reduces the IT guy’s time to manually configure your new device to zero. Devices can therefore be shipped directly to the employee’s workplace instead of being redirected after manual configuration.


More specifically, there are benefits for the user and for IT teams.

Benefits for the user

When receiving an Android device enrolled through Zero-Touch Enrollment, a user should:

 

  • Turn on the device and follow the on-screen instructions to complete the initial setup process.
  • Connect to a Wi-Fi network if prompted. This Wi-Fi will only be used to apply the right configurations and might be forgotten after the set up process if not approved by company policy.
  • Wait for the device to automatically apply company-specific configurations and download any necessary apps or updates.
  • Log in to any required apps or accounts using their corporate credentials.
  • Start using the device for work purposes.

Employees are immediately operational with their equipment. As no action is required, they can directly take advantage of the services without any IT or wait involved.

Employees are also certain that the device is configured properly. It works out-of-the-box with corporate networks including VPNs, has all apps installed and configured for use.

Device & app configurations also remote up-to-date with corporate policies or network changes. Devices also receive regular, corporate-pushed updates.

Finally, Zero-Touch allows companies to ship new devices to remote worker with ease, as no physical IT team is required to complete the setup.

Overall, Zero-Touch combines device readiness and minimal user maintenance. It’s a device set to be ready for work.

For the IT team 

Zero-Touch enrollment provides IT teams with easier and faster device deployments. Devices are configured before they are interacted with, configured from templates and kept in an up-to-date inventory. Any stage of a device can be monitored. Each device’s compliance is checked against pre-defined security policies and configurations.

Zero-Touch should be combined with an EMM tool such as Appaloosa to automate fleet management.
When EMM tools are deployed alongside Zero-Touch, admins can reduce physical interactions to near zero and deploy, support and maintain devices at scale.

Overall, Zero-touch reduces all manual device operations and provides an easy-to-scale blueprint for device deployments. It improves security and compliance through automatic enforcement of corporate policies with a centralized and automated device management.

Which Android devices are compatible with this new technology?

Android devices running Android 7.0 Nougat or later are generally compatible with Android Zero-Touch Enrollment. However, compatibility can also depend on the specific enterprise management solution being used. It is best to check with the device manufacturer and enterprise management solution provider for specific compatibility information.

Where can we find compatible devices?

Finding compatible Android devices for Android Zero-Touch Enrollment can be done by following these steps:

  1. Check the device specifications: The first step in finding a compatible Android device is to confirm that it runs on Android 7.0 Nougat or later. Most devices that run on this operating system or later versions are compatible with Android Zero-Touch Enrollment.
  2. Contact the device manufacturer: The manufacturer of the device will be able to provide information on the device's compatibility with Android Zero-Touch Enrollment. You can check the manufacturer's website or reach out to them through their support channels to find out if the device is compatible.
  3. Contact the enterprise management solution provider: The enterprise management solution provider will also be able to provide information on compatibility with their solution. You can check the provider's website or reach out to their support team to confirm compatibility.
  4. Check the enterprise management solution provider's website or support resources: Many enterprise management solution providers maintain a list of compatible devices on their websites. This list can be found in their support resources or through a search on their website.
  5. Check with the device retailer: The retailer from which you plan to purchase the device may also have information on compatibility with Android Zero-Touch Enrollment. They may be able to provide you with a list of compatible devices or direct you to a resource that can provide this information.

It is important to keep in mind that compatibility can depend on the specific enterprise management solution being used, and the information provided by the device manufacturer, enterprise management solution provider, and retailer can be subject to change. To ensure that you have the most accurate information, it is best to check multiple sources and to confirm compatibility before purchasing a device.
Julien Ott
February 1, 2023

Discover Appaloosa

Discover our cutting-edge solutions for managing mobile devices, whether they are personal or corporate. Dive into our enterprise mobility solutions and simplify your mobility.

Mobile App Management

Deploy and Secure apps for BYOD or unmanaged devices.

  • Self Onboarding

  • Auto App Install

  • Auto App Updates

  • App Protection

  • Set Passcode

  • Wifi Config

Learn More

Mobile Device Management

Deploy Apps and Secure Corporate, Kiosk and Rugged Devices.

  • Zero Touch

  • Dynamic Policies

  • Kiosk

  • Device Inventory

  • Remote Support

  • OEM Config

Learn More

Try the complete platform, 14 days for free.

Cancel anytime. No credit-card required.

Get started

Or talk with the team.