Security Policy

Security policies specify how MobileIron addresses several areas of mobile security. MobileIron recommends you create separate policies for each platform to avoid inconsistencies.

For more information on creating or editing a security policy, see "Security policies" in the Getting Started with MobileIron Core.

Proactive password security policy

When certificates are applied to the device as certificate settings, certificate enrollment settings, or via a Wi-Fi configuration, Mobile@Work proactively applies a password policy that meets the Android OS certificate installation requirements.

With the proactive password policy, Mobile@Work prompts the user to create a screen lock for their device, even if MobileIron Core does not enforce a privacy policy.

Password policy attributes

For all password policy attributes, Core only displays "Unsupported" for Mobile@Work for Android 10.6 through the latest version as supported by MobileIron. This Android 10 or above device needs to be in Device Admin (DA) mode. If the device is still using an old version of Mobile@Work, it will not report "Unsupported."

You can view this information in Devices & Users > Device > Device tab. "Unsupported" will display for the following password policy attributes:

• Password
• Password Type
• Minimum Password Length
• Maximum Password Age

Core will not quarantine the device, the security policy will display as "Applied," and the device status will be compliant.

Core will no longer consider Unsupported for the above password policy attributes as a policy violation if the device is Android 10 or above and in Device Admin mode.

Previously if the security policy was in violation, a compliance action could be triggered if one was set. Some compliance actions could be: Send an alert, Block email or Quarantine.