iOS and iPadOS: Compliance profile settings
iOS
and iPadOS
: Compliance profile settingsSee Common: Compliance profile settings for descriptions of the enforcement actions that
BlackBerry UEM
can take if a device violates a compliance rule.Compliance profile setting | Description |
---|---|
Jailbroken OS | This setting creates a compliance rule to ensure that devices are not jailbroken. A device is jailbroken when a user or attacker bypasses various restrictions on a device to modify the OS. If you select this setting, users cannot complete new activations on a jailbroken device, regardless of the enforcement action that you set. |
Managed device attestation failure | This setting creates a compliance rule that specifies the actions that occur when a device fails managed device attestation. |
Non-assigned app is installed | This setting creates a compliance rule to ensure that devices do not have apps installed that were not assigned to the user. This setting does not apply to devices with the User privacy activation type. |
Required app is not installed | This setting creates a compliance rule to ensure that devices have required apps installed. |
Restricted OS version is installed | This setting creates a compliance rule to ensure that devices do not have a restricted OS version installed. You can select the restricted OS versions. If you select this setting, users cannot complete new activations for devices that are not compliant, regardless of the enforcement action that you set. |
Restricted device model detected | This setting creates a compliance rule to restrict device models. You can select the devices models that are allowed or restricted. If you select this setting, users cannot complete new activations for devices that are not compliant, regardless of the enforcement action that you set. |
OS update not applied | This setting creates a compliance rule to execute compliance actions if a user does not apply a pending OS update within a time period that you specify. |
Device is out of contact | This setting creates a compliance rule to ensure that devices are not out of contact with UEM for more than a specified amount of time. You specify the number days that a device can be out of contact with UEM before it is considered out of compliance. |
BlackBerry
Dynamics library version verification | This setting creates a compliance rule that allows you to select the BlackBerry
Dynamics library versions that cannot be activated. You can select the blocked library versions. |
BlackBerry
Dynamics connectivity verification | This setting creates a compliance rule to monitor whether BlackBerry
Dynamics apps are out of contact with UEM for more than a specified amount of time. The enforcement action is applied to BlackBerry
Dynamics apps.The "Base connectivity interval on authentication delegate apps" setting specifies that the connectivity verification is based on when an authentication delegate app connects to UEM . This setting applies only if an authentication delegate is specified in a BlackBerry
Dynamics profile.The "Last contact time" setting specifies the number days a device can be out of contact with UEM before the device is considered out of compliance.BlackBerry
Dynamics apps don’t prompt users for compliance for this rule. If you set the “Prompt behavior” setting to “Prompt for compliance”, the user is not prompted. If the device is able to contact UEM , the device returns to compliance when the user opens the BlackBerry
Dynamics app. |
BlackBerry Dynamics screen capture detection on iOS devices | This compliance rule has been replaced with the "Do not allow screenshots on iOS devices" option in BlackBerry
Dynamics profiles. BlackBerry recommends using the profile setting and disabling this compliance rule. This compliance rule will be deprecated in a future UEM release.This setting creates a compliance rule that reacts to screen captures of BlackBerry
Dynamics apps on devices.The "Maximum number of screen captures within period" setting specifies the number of allowed screen captures within a specified time period. The "Enforcement action for BlackBerry Dynamics apps" setting specifies the action that occurs if the user exceeds the allowed number of screen captures. |
Restricted app is installed | This setting creates a compliance rule for UEM to periodically check for restricted apps, including marketplace apps. Add apps to the restricted apps list in the profile by selecting the apps from the UEM restricted app list or by selecting a built-in app (supervised devices only).When you select this setting and a restricted app is installed on a device, a warning message and a link is displayed in the Managed devices screen in the console. When you click the link, a list of apps that are putting the device out of compliance is displayed. The list of restricted apps is also sent to the user in the compliance notification. For supervised devices, enforcement actions for this rule are not applicable. Users are automatically prevented from installing restricted apps. If restricted apps (either built-in or installed by the user) are already installed, those apps are automatically removed from the device. |
Show only allowed apps on device | This setting creates a compliance rule that specifies a list of apps that can be installed on devices, including marketplace apps. All other apps are not allowed. Add apps to the allowed apps list in the profile by selecting apps from the UEM app list or by selecting built-in apps. Some apps are included in the allowed list by default. This setting is valid only for supervised devices. |