Application Compliance

The Application Compliance settings provide configuration options for restricted apps, allowed apps, required apps, and restricted app permissions on Android devices.

Note: To enable this policy on Android 5.0+ devices, you must enable Usage access permission on the Android device.
The following table describes the compliance settings that you can configure for apps on an Android device:
Policy setting Description Supported devices
Configure restricted applications (app blocklist) The apps that are restricted from use on managed devices.
To restrict an app on a managed device:
  1. Add the name of the app. For example, MaaS360 Secure Editor. You can separate multiple app names with a comma.
  2. Add the app ID. To find the app ID:
    1. Go to Devices, and then select the device from the list.
    2. Select Summary > Apps Installed to view the app ID.

      For example, the app ID for MaaS360® Secure Editor is com.fiberlink.maas360.android.secureeditor.

  3. Choose what actions to take on the app. For example, prompt the user to uninstall the app or block the app from the device.
    Note: If an app is restricted, that app is automatically blocked regardless of the actions that are set for that app.
Android 2.2+
Configure restricted applications by app permissions The app permissions that are restricted on a managed device.
To restrict app permissions on a managed device:
  1. Open https://developer.android.com/reference/android/Manifest.permission.html to view a list of app permissions and their descriptions.

    Type the first few characters of a restricted permission name. For example, type Read SMS.

  2. Choose additional permissions to restrict on the app.
  3. Choose what actions to take on the app. For example, prompt the user to uninstall the app or block the app from the device.
Note:
  • Use the app ID in the App Exceptions field to allow apps on managed devices regardless of the permissions that are set for the app.
  • The Block from use action is supported on Android 4.0 to 4.4 only.
Android 2.2+
Configure allowed applications (app allowlist) The apps that are allowed on managed devices.
To allow the use of an app on a managed device:
  1. Add the name of the app. For example, MaaS360 Secure Viewer. You can separate multiple app names with a comma.
  2. Add the app ID. To find the app ID:
    1. Go to Devices, and then select the device from the list.
    2. Select Summary > Apps Installed to view the app ID.

      For example, the app ID for MaaS360 Secure Viewer is com.fiberlink.maas360.android.secureviewer.

  3. Choose what actions to take on the app. For example, prompt the user to uninstall the app or block the app from the device.
    Note:
    • If an app is restricted, that app is automatically blocked regardless of the actions that are set for that app.
    • The Block from use action is supported only on Android 4.0 to 4.4.
Android 2.2+
Configure required applications The app is required on the managed device. Use this policy along with the Blocklist policy or the Allowlist policy.

For example, if the MaaS360 Secure Editor app is not listed in the allowed apps list, but is marked as a required app, you can use the MaaS360 Secure Editor app on a managed device.

If the MaaS360 Secure Editor app is listed in the restricted apps list, but is marked as a required app, you can use the MaaS360 Secure Editor app on a managed device.

To configure an app that is required on a managed device:
  1. Add the name of the app. For example, MaaS360 Secure Editor. You can separate multiple app names with a comma. The first app in the list is the primary app. If no other apps are listed, the user installs the primary app.
  2. To find the app ID:
    1. Go to Devices, and then select the device from the list.
    2. Select Summary > Apps Installed to view the app ID.

      For example, the app ID for MaaS360 Secure Editor is com.fiberlink.maas360.android.secureeditor.

Android 2.2+