Mobile Device Management

Smartphones and tablets used at CUIMC can access Epic clinical suites by installing the free MobileIron app.  MobileIron is an established Mobile Device Management (MDM) program that uses "container" technology to secure pre-defined aspects of the phone or tablet, apps, and data.  Apps and data outside of the container, including your calls, photos, messages, etc. are not managed and cannot be accessed by MobileIron. 

It is not required if you do not need to use Epic on your phone or tablet, and can be installed on both department and personally owned equipment.  If you are already using NYP's MDM, you do not need to install it again for CUIMC. 

A quick overview follows, and be sure to see our MDM FAQs.  An MDM Epic Rollout flyer (PDF) with QR codes linking to installation instructions is also available.

Using MDM at CUIMC

What do I need?

  1. You must have a CWID (NYPH Center Wide ID) account, which is also required for Epic.
    If you do not have one please contact your department administrator or supervisor, CUIMC IT is not able to create or request CWIDs.
  2. A smartphone or tablet with Internet access using:
    • iOS 12.0 or higher (iPhone or iPad)
    • Android 8.0 or higher

If you will be downloading and installing MobileIron on your own phone or tablet, you will also need an Apple ID or Google Play account.

How do I set up MobileIron on my device?

MobileIron will be pre-installed on devices ordered via CUIT's form if the option for Epic Access is checked, or it can be downloaded and installed by following our instructions for iPhone/iPad or Android.  IMPORTANT:

  • Be sure to back up any existing data on the phone or tablet before installing.
  • Devices provided by your department and/or ordered through CUIT's form without selecting Epic Access may have another MDM program (such as CUIT's EMM/AirWatch) installed.  See steps to check for MDM, which includes details on contacting us to Migrate to CUIMC MobileIron for devices that have AirWatch installed.

What happens during MobileIron set up?

MobileIron will verify or enforce that the device:

  • Is not jailbroken or rooted, indicating that built-in security features have been bypassed
  • Is set to auto-lock, with either a minimum 6 character passcode or fingerprint (if supported by the device) to unlock
  • Uses full encryption
  • MobileIron will also set up the Voice Wi-Fi network as the preferred nework on your device, please see this FAQ for more details.

Note that auto-lock and full encryption are already required by University Policy.  For more details on how MobileIron is used including what it can and cannot access on your device please see the FAQs and Mobile Device Management (MDM) Privacy Information.

MobileIron apps on an iPhone home screen

What happens after MobileIron is installed?

Once installed, Epic apps including Rover and Haiku are also set up and can be used by logging in with your CWID.

Other approved CUIMC apps can be downloaded through a "Work" store icon.

In case of a lost or stolen device, the IT department can quarantine it (to prevent loss of corporate data) or, in extreme cases, remotely wipe the device. Users can request the device to be wiped of just the MobileIron container (CUIMC/Epic applications) or request a full device wipe. 

Confirming Installation

If there are problems using MobileIron please make sure it has installed properly by checking for mobile device management.  iPhones and iPads may miss the steps to install a profile after MobileIron is downloaded, if so please see the last section of Troubleshoot MobileIron Errors for help.