Based on the security level selected while creating a Mobile Security policy, the settings as predefined by ZENworks can be viewed or edited by performing the steps elaborated in this section.
In ZENworks Control Center, navigate to the Policies section.
Click the Mobile Security Policy whose content you want to edit.
Click the Details tab, and edit the settings.
Corporate/Personal: The settings in the Corporate column are applied to devices whose ownership is defined as Corporate. The settings in the Personal column are applied to devices whose ownership is defined as Personal. The settings use the following values:
Yes: Enables the setting.
No: Disables the setting.
Inherit: Inherits the setting value from other Mobile Security policies assigned higher in the policy hierarchy. For example, if you assign this policy to a device, the setting value is inherited from any Mobile Security policy assigned to groups and folders of which the device is a member. If a setting value is not inherited from another Mobile Security policy, the device’s default value is used.
Numeric value: Configures the setting with the numeric value provided by you.
Platform Support: The platform columns show support for a setting. The platforms are:
Android
iOS
ActiveSync
Password: The Password settings are listed in increasing order of complexity (strictness). If more than one setting applies to a device, the more complex (strict) setting is enforced. Using the example values provided in the table below, the following settings would be applied:
Android: The Require numeric complex password setting for Android 5.0 and higher.
iOS: The Require simple password setting.
ActiveSync: The Require simple password setting.
Setting |
Description |
Example |
Platform Support |
|
---|---|---|---|---|
Require password |
Requires a password to unlock the device. |
Yes |
|
|
Require biometric weak password |
Requires at least low-security biometric recognition technology that can recognize the identity of an individual to about a 3 digit PIN (false detection is less than 1 in 1,000). |
No |
|
|
Require simple password |
Allows the password to include repeating characters such as (0000) or sequential characters such as (abcd). This setting behaves differently on Android and iOS devices. For Android devices, the strictest rule gets applied. However, for iOS devices, the rule that is applied is cumulative of all the set rules. |
Yes |
|
|
Minimum password length |
Specifies the minimum number of characters required for the password. |
8 |
|
|
Require numeric password |
Requires the password to contain numbers. Other characters (letters and symbols) are optional. |
No |
|
|
Require numeric complex password |
Requires the password to contain numbers, with no repeating numbers (4444) or sequential numbers (1234). Other characters (letters and symbols) are optional. |
Yes |
|
|
Require alphabetic password |
Requires the password to contain letters (or symbols). Other characters (numbers) are optional. |
No |
|
|
Require alphanumeric password |
Requires the password to contain letters (or symbols) and numbers. |
No |
|
|
Require complex password |
Requires the password to contain letters, numbers, and symbols. |
Inherit |
|
|
Minimum complex character types |
Applies only if Require complex password is set to Yes or Inherit. Specifies the minimum number of character types the complex password must contain. Character types are defined as:
|
2 |
|
|
Minimum complex characters required |
Applies only if Require complex password is set to Yes or Inherit. Specifies the minimum number of characters required for the complex password. |
2 |
|
|
Minimum letters required |
Applies only if Require complex password is set to Yes or Inherit. Specifies the minimum number of letters that must be included in the complex password. |
1 |
|
|
Minimum numbers required |
Applies only if Require complex password is set to Yes or Inherit. Specifies the minimum number of numbers that must be included in the complex password. |
1 |
|
|
Minimum lowercase letters required |
Applies only if Require complex password is set to Yes or Inherit. Specifies the minimum number of lowercase letters (abcd) that must be included in the complex password. |
1 |
|
|
Minimum uppercase letters required |
Applies only if Require complex password is set to Yes or Inherit. Specifies the minimum number of uppercase letters (ABCD) that must be included in the complex password. |
1 |
|
|
Minimum nonletters required |
Applies only if Require complex password is set to Yes or Inherit. Specifies the minimum number of numbers or symbols that must be included in the complex password. |
2 |
|
|
Require password expiration |
Requires the password to expire within a specified number of days. |
Yes |
|
|
Password expiration (days) |
Applies only if Require device password expiration is set to Yes. Specifies the number of days after which the password expires and must be changed. For example, if set to 30, the password expires after 30 days and must be changed. |
30 |
|
|
Require password history |
Requires a history of used passwords to be stored in order to prevent immediate reuse of passwords. |
Yes |
|
|
Number of passwords stored |
Applies only if Require device password history is set to Yes. Specifies the number of passwords stored in the history. For example, if set to 5, the last 5 passwords cannot be reused. |
3 |
|
NOTE:In this policy, even when you specify the minimum password length as a value that is less than 6, an iOS device (version 11 or newer), to which this policy is assigned, prompts for a password length of minimum 6 characters. However, the device accepts a password length that is less than 6 characters, as specified in the policy.
Encryption: Not all Encryption settings apply to all device platforms. In addition, the setting support can vary from version to version within a platform.
Setting |
Description |
Platform Support |
|
---|---|---|---|
Require encryption on the device |
Requires content stored on the device to be encrypted. |
|
|
Require encryption on the storage card |
Requires content on the storage card to be encrypted. |
|
Device Inactivity: Not all Device Inactivity settings apply to all device platforms. In addition, setting support can vary from version to version within a platform.
Setting |
Description |
Platform Support |
|
---|---|---|---|
Require inactivity lock |
Requires the device to be locked after it has been inactive for a specified period of time. |
|
|
Maximum inactivity timeout (minutes) |
Applies only if Require inactivity lock is set to Yes. Specifies the maximum number of minutes the user can set for the inactivity lock. For example, if set to 5, the user can set the inactivity timeout up to 5 minutes. |
|
|
Wipe device on failed number of unlock attempts |
Wipes the device data after a specified number of failed attempts to unlock the device. |
|
|
Maximum number of unlock attempts |
Applies only if Wipe device on failed number of unlock attempts is set to Yes. Specifies the number of failed attempts to unlock the device that is allowed before the device data is wiped. For example, if set to 10, the device is wiped after the 10th failed attempt. |
|
|
Configure time period after which passcode is required |
Enables you to define when a passcode is required after a period of inactivity. |
||
Display the passcode screen on unlock |
Displays the passcode at the specified time period, after a period of inactivity. For example, if set to After 5 minutes, the passcode is displayed after 5 minutes of inactivity. |
Click Apply.
Click Publish to display the Publish Option page. In this page you can publish the modified policy as a new version of the same policy or as a new policy.
For more information on the Profile Security tab, see Securing the Device.