On the Getting Started with Mobile Management page, navigate to the Mobile Security and Control section and click Create New Policies. Alternatively, from the left hand side navigation pane of ZCC, navigate to Policies > New > Policy.
On the Select Platform page, select Mobile and click Next.
On the Select Policy Category page, select General Mobile Policies and then click Next.
On the Select Policy Type page, select Mobile Device Control Policy and then click Next.
On the Define Details page, specify a name for the policy, select the folder in which to place the policy, then click Next.
On the Configure Mobile Device Control Settings page, assign different security levels to corporate-owned devices and personally-owned devices, and click Next:
None: Inherits the setting value from other Mobile Device Control policies assigned higher in the policy hierarchy. For example, if you assign this policy to a device, the setting value is inherited from any Mobile Device Control policy assigned to groups and folders of which the device is a member. If a setting value is not inherited from another Mobile Device Control policy, the device’s default value is used.
Low: No restrictions are enforced on the device. However, some settings are assigned a default value and for the remaining settings no value is assigned.
Moderate: A few restrictions are imposed. For example, in the case of iOS devices, in-app purchases are disabled, background data fetch while roaming is disabled, access to documents from managed sources in unmanaged destinations and vice versa are disabled.
Strict: Some restrictions are enforced on the device. For example, in the case of iOS devices, backup of data to iCloud is prevented, display of notification on the Lock screen is disabled, submission of diagnostic reports to Apple is disabled.
High: This level is similar to strict security level however with higher restrictions. For example, in the case of iOS devices, disables voice assistant Siri, removes the device camera, and disables pop-up tabs in Safari.
On the Summary page, you can perform the following actions:
Create as Sandbox: Creates a Sandbox-only version of the policy. A Sandbox version of a policy enables you to test it on your device before actually deploying it
Define Additional Properties: Enables you to edit the default device control settings configured in the policy. For more information, see Editing Mobile Device Control Policy Settings.
Click Finish to complete creating the policy.