Enable Data Loss Prevention (DLP) to protect sensitive data in applications. DLP options control how and what data transmits back and forth.

See Supported Settings and Policies Options for the SDK to find out which default settings the SDK supports. Find the matrix in the Workspace ONE UEM Mobile Application Management Guide. To know what default settings Workspace ONE UEM applications support, see the topics for that specific application.

Data loss prevention is not available for AirWatch Container, but it is available for applications in the AirWatch Container.

  1. Navigate to Groups & Settings > All Settings > Apps > Settings and Policies > Security Policies.
  2. Select Enabled for the specific DLP option.

    Setting Description
    Enable Bluetooth Allows applications to access Bluetooth functionality on devices when set to Yes.

    Enable Camera

    Allows applications to access the device camera when set to Yes.
    Enable Composing Email

    Allows an application to use the native email client to send emails when set to Yes.

    Enable Copy and Paste Out

    Allows users to copy and paste content from SDK-built applications to external destinations when set to Yes.

    When you set it to No, the system allows copy and paste only between Workspace ONE UEM applications.

    Encryption of the pasted content depends upon the configurations for authentication and SSO. If you enable authentication and SSO, the system encrypts the content with a user pin-based key. Otherwise, the system encrypts content with a randomly generated key.

    The system migrates the setting configured previously in the option to Enable Copy and Paste to this feature.

    Enable Copy and Paste Into

    Allows users to copy and paste content from external destinations into SDK-built applications when set to Yes.

    When you set it to No, the system allows copy and paste only between Workspace ONE UEM applications.

    Enable Data Backup Allows wrapped iOS applications to sync data with a storage service like iCloud when set to Yes.
    Enable Location Services Allows wrapped applications to receive the latitude and longitude of the device when set to Yes.
    Enable Printing Allows an application to print from devices when set to Yes.
    Enable Screenshot Allows applications to access screenshot functionality on devices when set to Yes.
    Enable Third-Party Keyboards

    On iOS devices when set to No, SDK-built applications always open in the native keyboard and prevent the use of third-party keyboards.

    On Android devices when set to No and the user did not set the system keyboard as the primary keyboard, SDK-built applications prevent user access.

    Enable Watermark

    Displays text in a watermark in documents in the VMware Content Locker when set to Yes.

    Enter the content to display in the Overlay Text text box or use lookup values. You cannot change the design of a watermark from the Workspace ONE UEM console.

    Limit Documents to Open Only in Approved Apps Enter options to control the applications used to open resources on devices.
    Allowed Applications List Enter the applications that you allow to open documents.
  3. Save your settings.

For more topics about the SDK and mobile application management, see MAM Functionality With SDK Functions.