Device Policy Management
Overview
Admins can apply security policies to device groups to enforce compliance and protect endpoints.
Supported Policies
| Policy Name | Description |
|---|---|
| Disable USB Mass Storage | Blocks the use of USB flash drives and other mass storage devices to prevent data leakage or unauthorized file transfers. |
| Bluetooth Configuration | Enables or disables Bluetooth functionality on enrolled devices to reduce wireless vulnerability surfaces. |
| Full Disk Encryption | Enforces encryption on the entire system drive to ensure data protection in case of device loss or theft. |
| Install Certificate | Installs a trusted certificate (e.g., company root CA) on the device for secure network or application access. |
| Wi-Fi Configuration | Automatically sets up and connects the device to a specified Wi-Fi network using predefined credentials. |
| Custom MDM (OMA-URI) Policy | Allows advanced admins to configure custom Windows settings via OMA-URI paths, supporting deeper system-level control. |
How to Apply Policies
To apply a policy to devices:
- Go to Device Management in the Admin Portal
- Select the Device Groups tab
- Choose the group you want to configure
- Click View Details
- Navigate to the Policies tab
- Click Add Policy to assign a new policy, or Remove to detach an existing one
- Configure the policy parameters as needed, then Save
Once saved, the policy will apply to all devices currently in the group.
Notes
- Policies are applied to groups, not individual devices
- Ensure configuration values are correct, especially for OMA-URI policies
- Newly enrolled devices may not receive past policies unless re-evaluated against group rules
Updated 4 months ago