Android security settings

With the settings in the Device security section you can set up a security profile for your Android devices. If you set any of these settings to anything other than the default values, DME will require Device Administrator privileges on the device. This way you are able to enforce device administration policies on the device according to the standards set by Google on their Google Developer website.

Supported by:

• Corporate device

  If this setting is On, the device is designated a corporate device. This means that the administrator is entitled to perform any operations on it, as it is corporate property. If the device is the employee's personal device (Bring Your Own Device - BYOD), the employee has control over personal items on the device. If the device is a personal device, and the administrator sends a Destroy all Data command to the device, only DME data will be destroyed. See also Delete device data.

• Password enabled

  If this field is set to Unspecified, the device user is free to set or not set a password. Note that this is not the DME password, but the password used for enabling the screen.

  If the field is set to something other than Unspecified, the user is required to set a password of one of the following types:

  • Biometric: The user must use a biometric "password" if the device supports this. This can be fingerprint, iris scan etc.
  • Something: The user must enter some kind of password, but the policy does not care what it is.
  • Numeric: The user must enter a password containing at least numeric characters.
  • Alphabetic: The user must enter a password containing at least alphabetic (or other symbol) characters.
  • Alphanumeric: The user must enter a password containing at least both numeric and alphabetic (or other symbol) characters.
  • Complex: The user must enter a password containing at least a letter, a numerical digit and a special symbol.
• Min. password length

  Set the required number of characters for the password. For example, you can require PIN or passwords to have at least six characters.

• Min. number of letters required in password

  The minimum number of letters required in the password.

• Min. lowercase letters required in password

  The minimum number of lowercase letters required in the password.

• Min. non-letter characters required in password

  The minimum number of non-letter characters required in the password.

• Min. digits required in password

  The minimum number of numerical digits required in the password.

• Min. symbols required in password

  The minimum number of symbols required in the password.

• Min. uppercase letters required in password

  The minimum number of uppercase letters required in the password.

• Password expiration timeout

  When the password will expire, counted from when a new password is set. The value can be Never, 1 month, 3 months, 6 months, or 1 year.

• Password history restriction

  This policy prevents users from reusing the last n number of unique passwords. This policy is typically used together with Password expiration timeout, which forces users to update their passwords after a specified amount of time has elapsed. The value can be 1, 3, or 5.

• Max. allowed failed password attempts

  Specifies how many times a user can enter the wrong password before the device wipes its data. The value can be between 0 and 9 attempts, where 0=Never wipe data.

• Max. inactivity time lock (minutes)

  Sets the length of time since the user last touched the screen or pressed a button before the device locks the screen. When this happens, users need to enter their PIN or passwords again before they can use their devices and access data. The value can be between 1 and 60 minutes.

• Require storage encryption

  If this setting is On, the storage area will be encrypted, if the device supports it.

• Disable camera

  If this setting is On, the device camera will be disabled.