- Managing device features and behavior
- Managing devices with IT policies
- Importing IT policy and device metadata updates
- Creating device support messages
- Enforcing compliance rules for devices
- Sending commands to users and devices
- Deactivating devices
- Controlling the software updates that are installed on devices
- Create a device SR requirements profile for Android Enterprise devices
- Create a device SR requirements profile for Samsung Knox devices
- View users who are running a revoked software release
- Managing OS updates on devices with MDM controls activations
- View available updates for iOS devices
- Update the OS on supervised iOS devices
- Configuring communication between devices and BlackBerry UEM
- Displaying organization information on devices
- Using location services on devices
- Using Activation Lock on iOS devices
- Managing iOS features using custom payload profiles
- Managing factory reset protection for Android Enterprise devices
- Create a Factory reset protection profile
- Manually obtain a user ID for a Google account
- How factory reset protection responds to device resets
- Considerations for using a specific Managed Google Play account when setting up a factory reset protection profile
- Clear factory reset protection from a device
- Setting up Windows Information Protection for Windows 10 devices
- Allowing BitLocker encryption on Windows 10 devices
- Managing attestation for devices
- Migrate iOS devices to use a hardened channel
- BlackBerry Docs
- BlackBerry UEM 12.17
- Administration
- Managing device features
- Enforcing compliance rules for devices
Enforcing compliance rules for devices
You can use compliance profiles to encourage users to follow your organization’s standards for the use of devices. A compliance profile defines the device conditions that are not acceptable in your organization. For example, you can choose to disallow devices that are jailbroken, rooted, or have an integrity alert due to unauthorized access to the operating system.
A compliance profile specifies the following information:
- Conditions that would make a device non-compliant
- Email messages and device notifications that users receive if they violate the compliance conditions
- Actions that are taken if users do not correct the issue, including limiting a user’s access to the organization's resources, deleting work data from the device, or deleting all data from the device
For
Samsung Knox
devices, you can add a list of restricted apps to a compliance profile. However, BlackBerry UEM
does not enforce the compliance rules. Instead, the restricted app list is sent to devices and the device enforces compliance. Any restricted apps cannot be installed, or if they are already installed, they are disabled. When you remove an app from the restricted list, the app is re-enabled if it is already installed. BlackBerry UEM
includes a Default compliance profile. The Default compliance profile does not enforce any compliance conditions. To enforce compliance rules, you can change the settings of the Default compliance profile or you can create and assign custom compliance profiles. Any user accounts that are not assigned a custom compliance profile are assigned the Default compliance profile.