Release Notes
Abstract
Additional Android Enterprise features added to the security policy
Content
MaaS360 adds support for the following Android Enterprise policies:
|
Path
|
Policy
|
Description
|
|---|---|---|
| Android MDM Policy > Android Enterprise Settings > Security > Device Security | Enable Factory Reset Protection |
Allows IT administrators to specify a list of Google accounts that are authorized to provision the company-owned devices after a factory reset. Supported on Android 8.0 and above in DO mode. |
| Android MDM Policy > Android Enterprise Settings > Security > Device Security | Enforce Network Date and Time | Enforces the date, time, and timezone provided by the network. Supported on Android 5.0+ (DO). |
| Android MDM Policy > Android Enterprise Settings > Passcode | Minimum Passcode Quality |
Weak biometric: Allows users to secure devices with low-security biometric recognition to unlock the device, such as face recognition. |
| Android MDM Policy > Android Enterprise Settings > Restrictions > Location Sharing Settings | Location Sharing Mode |
Enforces the selected location sharing mode on the managed device.
|
| Android MDM Policy > Android Enterprise Settings > Restrictions > Network Restrictions | Wi-Fi Timeout |
Enforces the selected Wi-Fi timeout option on the device.
|
| Android MDM Policy > Android Enterprise Settings > Certificates | Configure Additional Certificate Management Settings | Allows IT admins to specify a comma-separated list of third-party certificate management app ids and grant those apps privileged access to install certificates into the managed keystore. Prerequisite: The certificate management apps must be distributed to the devices. |
|
Android MDM Policy > Android Enterprise Settings > COSU (Kiosk Mode) > Customize Kiosk Launcher Settings Note: The policy is unavailable if COSU Mode Type is Automatically launch a required app and lock the device to display only this. |
Show Custom Status Bar | Displays a custom status bar with username, email address, battery, Wi-Fi status, mobile network status and time. |
| Android MDM Policy > Android Enterprise Settings > COSU (Kiosk Mode) > Customize Kiosk Launcher Settings | Allow Users to set Screen Brightness | Allows users to set screen brightness on the device. |
|
Android MDM Policy > Android Enterprise Settings > COSU (Kiosk Mode)
|
Allow Introductory Hints on first app launch | If enabled, introductory tutorial or hints are shown to users on first app launch. |
Factory Reset Protection Management
The Factory Reset Protection Management (FRP) is designed to deter the device theft by blocking the unauthorized factory reset. It also addresses the employee management scenarios in the enterprise environment. If an employee leaves the organization, IT administrators can easily reset the company-owned device to factory settings without using the employee's account credentials.
Enabling factory reset protection
- Use People: get API to obtain authorized Google User ID.
- Navigate to https://developers.google.com/+/web/api/rest/latest/people/get.
Result: The People: get page is displayed. - In the Try this API section in the right pane, provide me in the userId field and then click Execute.
Result: The JSON response is generated. - Copy the id from the JSON response.
- Navigate to https://developers.google.com/+/web/api/rest/latest/people/get.
- Log onto the MaaS360 portal and navigate to Security > Policies.
- Open Android MDM policy and click Android Enterprise Settings.
- In the Device Security section, turn on Enable Factory Reset protection and enter the id that was generated in Step 1.
Was this topic helpful?
Document Information
Modified date:
30 November 2018
UID
ibm10743435