Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.19
  3. Managing apps
  4. Preventing users from installing specific apps

Preventing users from installing specific apps

To help prevent users from installing specific apps, you can create a list of restricted apps and use compliance profiles to enforce the restrictions. For example, you might want to prevent users from installing malicious apps or apps that require a lot of resources.

Restrict specific apps

For
iOS
 and
Android
 devices, you can create a compliance profile to select apps from the restricted app list and set an enforcement action such as prompting the user or deleting work data if one of these apps is installed.
For the following devices, you don't need to specify an enforcement action because users are automatically prevented from installing apps that you specify in a compliance profile:
  • For
    Samsung Knox
     devices, if a user tries to install a restricted app, the device displays a message that the app is restricted and cannot be installed. If a restricted app is already installed, it is disabled. In the compliance profile, you can also select an option to prevent apps from being installed in the personal space as well as the work space.
  • For supervised
    iOS
     devices, if a user tries to install a restricted app, the app is hidden. If a restricted app is already installed, it is hidden from the user without any notification. To restrict built-in apps, you must create a compliance profile and add the apps to the restricted app list.
  • For
    Android Enterprise
     devices, you only need to create compliance profile with enforcement actions if you want to restrict system apps (such as calculator, clock, or camera), because users can only install apps that you have assigned in the work space. If a restricted app is already installed on a device, it is not disabled.

Allow specific apps

For supervised
iOS
 devices, you can create a compliance profile that specifies a list of allowed apps. All other apps, with the exception of the Phone and Preferences apps, are automatically disallowed and hidden on the device. Apps that are already installed that are not on the allowed list are hidden from the user without any notification. The following apps are included on the allowed list by default to ensure that devices can be managed in
BlackBerry UEM
:
  • BlackBerry UEM Client
  • Web Clip icons
  • BlackBerry Secure Connect Plus
If the same
iOS
 app is assigned to both the restricted list and allowed list in a compliance profile, the app is restricted.
For more information about creating compliance profiles, see Enforcing compliance rules for devices.