Skip Navigation

iOS
: Compliance profile settings

See Common: Compliance profile settings for descriptions of the possible actions if you select a compliance rule.
These settings also apply to
iPadOS
devices.
iOS
: Compliance profile setting
Description
Jailbroken OS
This setting creates a compliance rule to ensure that devices are not jailbroken. A device is jailbroken when a user or attacker bypasses various restrictions on a device to modify the OS.
If you select this setting, users will also be unable to complete new activations for jailbroken devices, regardless of the enforcement action that you set.
Non-assigned app is installed
This setting creates a compliance rule to ensure that devices do not have apps installed that were not assigned to the user.
When you select this setting and a non-assigned app is installed on a device, a warning message and a link is displayed on the Managed Devices tab. When you click the link, a list of apps that are putting the device out of compliance is displayed.
This setting is not valid for devices activated with the
User privacy
activation type.
Required app is not installed
This setting creates a compliance rule to ensure that devices have required apps installed.
When you select this setting and a required app is not installed on a device, a warning message and a link is displayed on the Managed Devices tab. When you click the link, a list of applications that are putting the device out of compliance is displayed.
Restricted OS version is installed
This setting creates a compliance rule to ensure that devices do not have a restricted OS version installed.
You can select the restricted OS versions.
If you select this setting, users will be unable to complete new activations for devices that are not compliant, regardless of the enforcement action that you set.
Restricted device model detected
This setting creates a compliance rule to restrict device models.
You can choose one of these options:
  • Allow selected device models
  • Do not allow selected device models
You can select the devices models that are allowed or restricted.
If you select this setting, users will be unable to complete new activations for devices that are not compliant, regardless of the enforcement action that you set. 
Device is out of contact
This setting creates a compliance rule to ensure that devices are not out of contact with
BlackBerry UEM
for more than a specified amount of time.
Last contact time
This setting specifies the number days a device can be out of contact with
BlackBerry UEM
.
This setting is valid only if the "Device out of contact" setting is selected.
BlackBerry Dynamics
library version verification
This setting creates a compliance rule that allows you to select the
BlackBerry Dynamics
library versions that cannot be activated.
You can select the blocked library versions.
BlackBerry Dynamics
connectivity verification
This setting creates a compliance rule to monitor whether
BlackBerry Dynamics
apps are out of contact with
BlackBerry UEM
for more than a specified amount of time. The enforcement action is applied to
BlackBerry Dynamics
apps.
The "Base connectivity interval on authentication delegate apps" setting specifies that the connectivity verification is based on when an authentication delegate app connects to
BlackBerry UEM
. This setting applies only if an authentication delegate is specified in a BlackBerry Dynamics profile.
The "Last contact time" setting specifies the number days a device can be out of contact with
BlackBerry UEM
before the device is out of compliance.
BlackBerry Dynamics
apps don’t prompt users for compliance for this rule. If you set the “Prompt behavior” setting to “Prompt for compliance,” the user is not prompted. If the device is able to contact UEM, the device returns to compliance when the user opens the
BlackBerry Dynamics
app.
BlackBerry Dynamics app screen capture detected
This setting creates a compliance rule that reacts to screen captures of BlackBerry Dynamics apps on devices.
The "Maximum number of screen captures within period" setting specifies the number of allowed screen captures within the time that you specify in the "Period length" field.
The "Enforcement action for BlackBerry Dynamics apps" setting specifies the action that occurs if the user exceeds the allowed number of screen captures.
Restricted app is installed
This setting creates a compliance rule for BlackBerry UEM to periodically check for restricted apps.
To restrict apps, complete any of the following tasks:
  • Select an app from the restricted app list. For more information, see Add an app to the restricted app list.
    Do one of the following:
    • To select apps using the app name, click the Select apps from the app list option.
    • To select apps using the app package ID, click the Specify the app package ID option. You should not use the package ID to add public apps. Add public apps to the restricted app list and then use the Select apps from the app list option to select the apps instead.
  • Select a built-in app (supervised devices only)
To remove an app from the list, click The Remove icon.
When you select this setting and a restricted app is installed on a device, a warning message and a link is displayed on the Managed Devices tab. When you click the link, a list of applications that are putting the device out of compliance is displayed.
For supervised devices, enforcement actions for this rule are not applicable. Users are automatically prevented from installing restricted apps. If restricted apps (either built-in or installed by the user) are already installed, those apps are automatically removed from the device.
Show only allowed apps on device
This setting creates a compliance rule that specifies a list of apps that are allowed to be installed on users' devices. All other apps are not allowed.
To allow specific apps, complete one of the following tasks:
Some apps are included in the allowed list by default. To remove an app from the list, click The Remove icon.
This setting is valid only for supervised devices.