Restrict access to a few Public Store apps outside office premises

expand collapsive

Our employees use BYOD devices with work profiles for their corporate needs. The work profiles contain a few Public Store applications with access to organizational data.

As part of the security upgrade, we wish to restrict our employees from accessing such apps outside our office premises.

Any suggestions to achieve this would be much appreciated.
Thanks in advance!

All Replies

  • Hexnode

    Archer Woods

    Moderator

    Hey @ryker,
    Thanks for reaching out!

    Hexnode has just the right solution for your requirements. You can achieve it by following two simple steps, i.e., first, blacklist the required Public Store apps. Then, create a dynamic group with necessary filters such that the employee devices will be listed in the dynamic group based on the selected geofence.

    Blacklist Public Store apps

    Navigate to Policies > Android > Blacklist/Whitelist, choose the filter type as Blacklist and select the apps to which access must be restricted outside the office premises. Save the policy.

    Please note that this feature is supported only on Samsung Knox devices and devices enrolled in the Android Enterprise program.

    Create Dynamic group with required filters

    1. Create a new dynamic group.
    2. Choose the Exclude option present alongside Choose Geofences/Location filters. Now, create a new geofence or choose an existing geofence such that it encompasses the locations where the Public Store app should be accessible to the employees. The Exclude option will ensure that any device outside the specified geofence will automatically get added to this dynamic group.
    3. Under Choose Condition filters, select appropriate filters such that your employee’s BYO devices will be included in the dynamic group when they are outside the office premises, i.e., outside the specified geofence.
    4. In the newly created dynamic group, navigate to Actions > Associate Policy. Choose the previously created policy intended to blacklist the Public Store apps and associate it with the dynamic group.

    Now, whenever the employee’s devices are outside the selected geofence, the devices will be automatically included in the dynamic group. As a result, the policies will automatically take effect on the devices, restricting access to the blacklisted apps.

    Hopes this answers your query.

    Cheers!
    Archer Woods
    Hexnode UEM

    Solution