Security Policy

Security policies specify how Ivanti EPMM addresses several areas of mobile security. Ivanti, Inc recommends you create separate policies for each platform to avoid inconsistencies.

For more information on creating or editing a security policy, see "Security policies" in the Getting Started with Ivanti EPMM.

Proactive password security policy

When certificates are applied to the device as certificate settings, certificate enrollment settings, or via a Wi-Fi configuration, Ivanti Mobile@Work proactively applies a password policy that meets the Android OS certificate installation requirements.

With the proactive password policy, Ivanti Mobile@Work prompts the user to create a screen lock for their device, even if Ivanti EPMM does not enforce a privacy policy.

Password policy attributes

For all password policy attributes, Ivanti EPMM only displays "Unsupported" for Ivanti Mobile@Work for Android 10.6 or supported newer versions. This Android 10 or above device needs to be in Device Admin (DA) mode. If the device is still using an old version of Ivanti Mobile@Work , it will not report "Unsupported."

You can view this information in Devices & Users > Device > Device tab. "Unsupported" will display for the following password policy attributes:

  • Password
  • Password Type
  • Minimum Password Length
  • Maximum Password Age

Ivanti EPMM will not quarantine the device, the security policy will display as "Applied," and the device status will be compliant.

Ivanti EPMM will no longer consider Unsupported for the above password policy attributes as a policy violation if the device is Android 10 or above and in Device Admin mode.

Previously if the security policy was in violation, a compliance action could be triggered if one was set. Some compliance actions could be: Send an alert, Block email or Quarantine.

Device log encryption on Android devices