Preventing users from installing specific apps
To help prevent users from installing specific apps, you can create a list of restricted apps and use compliance profiles to enforce the restrictions. For example, you might want to prevent users from installing malicious apps or apps that require a lot of resources.
Restrict specific apps
Androiddevices, you can create a compliance profile to select apps from the restricted app list and set an enforcement action such as prompting the user or deleting work data if one of these apps is installed.
For the following devices, you don't need to specify an enforcement action because users are automatically prevented from installing apps that you specify in a compliance profile:
- ForSamsung Knoxdevices, if a user tries to install a restricted app, the device displays a message that the app is restricted and cannot be installed. If a restricted app is already installed, it is disabled. ForSamsung Knoxdevices you can select an option in the compliance profile to prevent apps being installed in the personal space as well as the work space.
- For supervisediOSdevices, if a user tries to install a restricted app, the app is hidden. If a restricted app is already installed, it is hidden from the user without any notification. To restrict built-in apps you must create a compliance profile and add the apps to the restricted app list in the profile. For more information, see iOS : Compliance profile settings.
- ForAndroid Enterprisedevices, you don't need to create a compliance profile to restrict apps, other than system apps, because users can only install apps in the work space that you have assigned. If a restricted app is already installed on a device, it is not disabled. If you want to restrict a system app (such as calculator, clock, or camera), you must add the system app to a compliance profile to enforce the restriction.
Allow specific apps
iOSdevices, you can create a compliance profile that specifies a list of allowed apps. All other apps, with the exception of the Phone and Preferences apps, are automatically disallowed and cannot be seen on the device. Apps that are already installed that are not on the allowed list are hidden from the user without any notification. The following apps are included on the allowed list by default to ensure that devices can be managed in
- BlackBerry UEM Client
- Web Clip icons
- BlackBerry Secure Connect Plus
If the same
iOSapp is assigned to both the restricted list and allowed list in a compliance profile, the app is restricted.
For more information about creating compliance profiles, see Create a compliance profile.
Android11 and later devices activated with
Work and personal - full control, you can also allow or block installation of specific apps in the personal space from
Google Playusing the "Allow personal apps from
Google Play" IT policy rule.