Configuring the security policy for Android Enterprise devices

Most security policy settings for Android Enterprise devices are the same as the settings for other Android devices. However, note that a few settings in the security policy are specific to Android Enterprise devices. These settings are:

  • Block notifications on lock screen (Android Enterprise Work Managed Devices only)

  • Allow only redacted notifications on lock screen (for Android Enterprise Work Profile modes only)

  • Bypass Factory Reset Protection (Applicable to Android Enterprise Work Managed Devices and Work Profile on Company Owned Devices.)

Also in the security policy, you specify compliance actions for various security violations. When a compliance action includes quarantine, on Android Enterprise devices, all Android Enterprise apps and functionality are hidden except for Downloads, Google Play Store, and the Ivanti Mobile@Work app.

When configuring Zebra OTA (Over-the-Air) service, only for Work Managed Zebra devices is supported.

  • “Security policies” in Getting Started with Ivanti EPMM

  • “Add Compliance Action table” in Ivanti EPMM Device Management Guide for Android and Android Enterprise devices