Restrict access to a few Public Store apps outside office premisesSolved

Participant
Discussion
3 years ago

Our employees use BYOD devices with work profiles for their corporate needs. The work profiles contain a few Public Store applications with access to organizational data.

As part of the security upgrade, we wish to restrict our employees from accessing such apps outside our office premises.

Any suggestions to achieve this would be much appreciated.
Thanks in advance!

Replies (1)

Marked SolutionPending Review
Hexnode Expert
3 years ago
Marked SolutionPending Review

Hey @ryker,
Thanks for reaching out!

Hexnode has just the right solution for your requirements. You can achieve it by following two simple steps, i.e., first, blacklist the required Public Store apps. Then, create a dynamic group with necessary filters such that the employee devices will be listed in the dynamic group based on the selected geofence.

Blacklist Public Store apps

Navigate to Policies > Android > Blacklist/Whitelist, choose the filter type as Blacklist and select the apps to which access must be restricted outside the office premises. Save the policy.

Please note that this feature is supported only on Samsung Knox devices and devices enrolled in the Android Enterprise program.

Create Dynamic group with required filters

  1. Create a new dynamic group.
  2. Choose the Exclude option present alongside Choose Geofences/Location filters. Now, create a new geofence or choose an existing geofence such that it encompasses the locations where the Public Store app should be accessible to the employees. The Exclude option will ensure that any device outside the specified geofence will automatically get added to this dynamic group.
  3. Under Choose Condition filters, select appropriate filters such that your employee’s BYO devices will be included in the dynamic group when they are outside the office premises, i.e., outside the specified geofence.
  4. In the newly created dynamic group, navigate to Actions > Associate Policy. Choose the previously created policy intended to blacklist the Public Store apps and associate it with the dynamic group.

Now, whenever the employee’s devices are outside the selected geofence, the devices will be automatically included in the dynamic group. As a result, the policies will automatically take effect on the devices, restricting access to the blacklisted apps.

Hopes this answers your query.

Cheers!
Archer Woods
Hexnode UEM