Skip Navigation

Enforcing compliance rules for devices

You can use compliance profiles to encourage users to follow your organization’s standards for the use of devices. A compliance profile defines the device conditions that are not acceptable in your organization. For example, you can choose to disallow devices that are jailbroken, rooted, or have an integrity alert due to unauthorized access to the operating system.
A compliance profile specifies the conditions that would make a device non-compliant, the notifications that a user receives when a device is non-compliant, and the actions that
BlackBerry UEM
will take if a compliance issue is not resolved (for example, limiting a user's access to the organization's resources, deleting work data from the device, or deleting all data from the device).
UEM
includes a default compliance profile. The default compliance profile does not enforce any compliance conditions. To enforce compliance rules, you can change the settings of the default compliance profile or you can create and assign custom compliance profiles. Any user accounts that are not assigned a custom compliance profile are assigned the default compliance profile.
For
Samsung Knox
devices, you can add a list of restricted apps to a compliance profile, but
UEM
does not enforce the compliance rules. Instead, the restricted app list is sent to devices and the device enforces compliance. Any restricted apps cannot be installed, or if they are already installed, they are disabled. When you remove an app from the restricted list, the app is re-enabled if it is already installed.