Applying compliance rules to devices

Follow these steps to apply compliance rules in the IBM® MaaS360® Portal to your mobile devices.

About this task

MaaS360 uses rule sets to check for compliance on devices. If a device is out of compliance with the defined rule set or condition, MaaS360 takes appropriate enforcement actions against the device.

Note: Only devices that are marked as Important on the View All Devices window are exempt from the actions that MaaS360 takes when a device is out of compliance.

Procedure

From the IBM MaaS360 Portal Home page, select Security > Compliance Rules.
The Compliance Rules window is displayed with the existing rules:
Option Description
Rule Set Name The unique name of the compliance rule.
(Actions) Use links on the window to view or change the rule set, apply a group to the rule set, set the rule set as the default, view audit history for the rule set, or delete the rule set.
Available for The device groups that the rule sets are applied to.
Make Default If selected, this rule set is the default rule set.
Edit The existing policy is changed for the rule.
Assign The rule is assigned to existing groups as the default rule or one time rule set for new devices.
Audit A list of actions that are taken on a device.
Delete The compliance rule is deleted from the device.
Status The status of the rule set: active or inactive.
  • To view active rule sets, click Hide Inactive.
  • To view inactive rule sets, click Show All.
Precedence If a device is assigned multiple rule sets, the rule set with the lower precedence is the rule set that is enforced.
# of Devices The number of devices that are assigned to this rule set. Click the number to view a list of those devices.
Last Updated By The user name of the person who last updated the rule set.
Last Updated On The date that the rule set was last updated.
Show All Shows all active and inactive rule sets.
Hide Inactive Hides rule sets that are deactivated.
Disable All Removes assigned rule sets and active enforcement actions from all managed devices.

Note: If you disable all compliance rules, the following actions occur on a device:

  • Active rule sets that are applied on a device are deactivated.
  • Devices that are out of compliance are now in compliance.
  • Devices continue to use the configuration that is set by the compliance rules before the rule was disabled.
  • Any action taken from the Compliance Rules workflow is revoked.