Compliance control of Android devices with corporate security requirements

You can control Android devices for compliance with the corporate security requirements. Corporate security requirements regulate how the user can work with the device. For example, the real-time protection must be enabled on the device, the anti-virus databases must be up-to-date, and the device password must be sufficiently strong. Compliance control is based on a list of rules. A compliance rule includes the following components:

If the user does not fix the non-compliance within the specified time, the following actions are available:

To create a scan rule for checking devices for compliance with a group policy:

  1. In the console tree, in the Managed devices folder, select the administration group to which the Android devices belong.
  2. In the workspace of the group, select the Policies tab.
  3. Open the policy properties window by double-clicking.
  4. In the policy Properties window that opens, select the Compliance control section.
  5. To receive notifications about devices that do not comply with the policy, in the Noncompliance notification section select the Notify administrator check box.

    If the device does not comply with a policy, during device synchronization with the Administration Server, Kaspersky Endpoint Security for Android writes an entry for Violation detected: <name of the criterion checked> in the event log. You can view the Event log on the Events tab in the Administration Server properties or in the local properties of the application.

  6. To notify the device user that the user's device does not comply with the policy, in the Noncompliance notification section select the Notify user check box.

    If the device does not comply with a policy, during device synchronization with the Administration Server, Kaspersky Endpoint Security for Android notifies the user about this in the Status section.

  7. In the Compliance Rules section, compile a list of rules for checking the device for compliance with the policy. Follow the steps below:
    1. Click Add.

      The Scan Rule Wizard starts.

    2. Follow the instructions of the Scan Rule Wizard.

      When the wizard finishes, the new rule is displayed in the Compliance Rules section in the list of scan rules.

  8. To temporarily disable a scan rule that you have created, use the toggle switch opposite the selected rule.
  9. Click the Apply button to save the changes you have made.

Mobile device settings are configured after the next device synchronization with the Kaspersky Security Center. If the user device does not comply with the rules, the restrictions you have specified in the scan rule list are applied to the device.

Page top