Configure compliance actions to take when network threats are detected
When an insecure network or insecure
Wi-Fi
access point is detected, UEM
considers the device to be out of compliance. You can configure and assign a compliance profile to users so that UEM
can take the appropriate action. For more information about creating and configuring compliance profiles, see Enforcing compliance rules for devices in the UEM
administration content.When you first implement insecure network or
Wi-Fi
access point detection, it is recommended that you use the monitor and log option before you implement actions that are potentially more disruptive. After monitoring compliance activity for an appropriate amount of time, you can then implement the desired actions (for example, preventing users from using BlackBerry
Dynamics
apps until the device is compliant).- In the management console, on the menu bar, clickPolicies and profiles > Compliance > Compliance.
- Create a new compliance profile or select and edit an existing compliance profile.
- Configure compliance actions:TaskStepsConfigure compliance actions for insecure network detection
- On theiOSandAndroidtabs, in theCylancePROTECTsection, select theInsecure network detectedcheck box.
- ForAndroiddevices, in theEnforcement action for devicedrop-down list, choose one of the following:
- To log information about the compliance issue without taking a compliance action, clickMonitor and log.
- To prevent the user while it is out of compliance, clickUntrust. Note that this option does not impactBlackBerry Dynamicsapps. Data and apps are not deleted from the device.
- In theEnforcement action for BlackBerry Dynamics appsdrop-down list, choose one of the following options:
- To log information about the compliance issue without taking a compliance action forBlackBerry Dynamicsapps, clickMonitor and log.
- To prevent the user from accessingBlackBerry Dynamicsapps while the device is out of compliance, clickDo not allow BlackBerry Dynamics apps to run.
Configure compliance actions for insecureWi-Fiaccess point detection- On theiOSandAndroidtabs, in theCylancePROTECTsection, select theInsecure Wi-Fi network detectedcheck box.
- In theEnforcement action for devicedrop-down list, choose one of the following:
- To log information about the compliance issue without taking a compliance action, clickMonitor and log.
- To prevent the user from accessing work resources and apps on the device while it is out of compliance, clickUntrust. Note that this option does not impactBlackBerry Dynamicsapps. Data and apps are not deleted from the device.
- In theEnforcement action for BlackBerry Dynamics appsdrop-down list, choose one of the following options:
- To log information about the compliance issue without taking a compliance action forBlackBerry Dynamicsapps, clickMonitor and log.
- To prevent the user from accessingBlackBerry Dynamicsapps while the device is out of compliance, clickDo not allow BlackBerry Dynamics apps to run.
- ClickSave.
- Assign the profile to users and groups.
- For users with the user privacy andSamsung Knoxactivation types, theUEM ClientandBlackBerry Dynamicsapps will not show compliance notifications for this feature on the device, but compliance notifications will display as expected in the management console.
- In the management console, you can view information about compliance violations, including the unsafe network SSID, the unsafeWi-Fiprotocol, and the breach condition. You can also use the compliance event screen to monitor and track compliance events.