Build an application compliance policy that acts on devices with non-compliant applications.

Procedure

  1. Ensure that you are in the correct organization group.
  2. Navigate to Devices > Compliance Policies > List View. Select Add.
  3. Select the platform.
  4. Select Application List on the Rules tab and select Contains Vendor Blacklisted App(s) for integration.

    To configure the compliance engine to monitor for applications from your reputation scanning system, add the blacklisted app group to the list. If the engine detects blacklisted applications on devices assigned to the compliance rule, the engine acts as configured in the rule.

  5. Move to the Actions tab to set escalating actions to perform on a user who does not comply with the compliance rule.

    Setting

    Description

    Mark as Not Compliant

    Enable the check box to tag devices that violate this rule, but once the device is tagged noncompliant and depending on escalation actions, the system might block the device from accessing resources and might block admins from acting on the device.

    Disable this option when you do not want to quarantine the device immediately.

    Application

    Select to remove the managed application.

    Command

    Select to configure the system to command the device to check in to the console, to perform an enterprise wipe, or to change roaming settings.

    Email

    Select to block email on the non-compliant device.

    Notify

    Select to notify the non-compliant device with an email, SMS, or push notification using your default template.

    You can also send a note to the admin concerning the rule violation.

    Profile

    Select to use Workspace ONE UEM profiles to restrict functionality on the device.
  6. Move to the Assignment tab to assign the compliance rule to smart groups.

    Setting

    Description

    Managed By

    View or edit the organization group that manages and enforces the rule.

    Assigned Groups

    Type to add smart groups to which the rule applies.

    Exclusions

    Select Yes to exclude groups from the rule.

    View Device Assignment

    Select to view the devices affected by the rule.
  7. Move to the Summary tab to name the rule and give it a brief description.
  8. Select Finish and Activate to enforce the newly created rule.