The Policy can apply numerous system limitation to let the device looks like a regular device, but the end-users can only access certain functions as the company designed. With the system-level restriction of the Policy, including App usage management, various system settings, and more, you can create an exceptional secure user environment for your company-owned devices.
Before you start to design your company policy for your devices, please note:
- If this icon
shows next to an option, it means the Biz Daemon must have Device Owner permission, or the device must be enrolled via Android Enterprise for the option to affect the device. - If this icon
shows next to an option, it means the Android System of the device must be above a certain version for the option to affect the device. - If this icon
shows next to an option, it means some features are restricted or not supported for devices enrolled through Android Enterprise and/or Zero Touch.
Please check this document for detailed information on the minimum system requirement of every Policy restriction.
Let us introduce briefly to you what rule you can set in every section of a Policy:
- Password: You can ask the end-user to set a password that aligns with the company standard, or you can set a password for the devices. You can also set the rule to reset the device when someone wants to breach the device.
- App Blocklist / Allowlist: Once an application is listed on the App Blocklist, the application will be invisible on the App drawer of the affected devices. For additional security, the system will also block access to the application.
If the application is listed on the App allowlist, it will be the only application that is displayed on the App drawer of the affected devices.
Note: To ensure the stability of the Android system, system apps will remain visible when using App Allowlist. - Restriction: You can set various restrictions for system settings here, e.g., disable reboot in safety mode, USB file transfer, access to the camera, install/uninstall an app, internet connection, etc.
- General Settings: In this section, you can set some general settings such as APN, language, and audio settings.
- Kiosk Activation: You can choose to integrate the Policy with Kiosk mode here. If you are not familiar with Kiosk mode, please check this article to learn how to set up a Kiosk config file.
Reminder: some settings in the Kiosk is overlapped with the Policy; thus, such settings will only be shown in the Policy section.
If you want to know how to create or edit a Policy Config file, please check this article.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article