Use security policies to monitor the security status of your managed devices.
Procedure
- Go to .
- On the Android or iOS/PadOS tab, click Create.
- Under General, specify the policy name and description,
set the priority of the policy, and click Next.The Priority has two options:
-
Highest: Select this to make the policy a top priority. It will be evaluated before all other policies.
-
Lowest: Select this if the policy should be a lower priority. It will be evaluated after all other policies, with the exception of the default policy. The default policy is always the last to be evaluated regardless of other settings. If you set a policy to Lowest, the policy will be evaluated just before the default policy.
Tip
After the policy is created, you can change the priority by dragging the policy up or down the policy list. -
- Under Security Settings, configure Malware Detection,
Wi-Fi Protection, and Web Reputation settings, and click
Next.The security settings for Android devices differ slightly from those for iOS and PadOS devices.SectionSettingMalware Detection
-
Choose if you want Mobile Security to scan just the mobile apps on your devices, or if you want it to scan both mobile apps and Android Application Package (APK) files.
Note
Scanning APK files requires your users to turn on the Storage permission on their devices. -
Configure malware scan criteria.
-
Malware
-
Unofficially modified app content or data (For Android only)
-
Transmission of personal data without consent (For Android only)
-
System or app vulnerabilities (For Android only)
Each type of threat is assigned a risk level as defined by the risk level profile. The overall risk level of the targeted device is then calculated by considering the risk levels of all selected threat types. -
Wi-Fi Protection-
Turn on the toggle for Wi-Fi Protection.
-
Configure Wi-Fi scan criteria.
-
Automatic decryption of HTTPS trafficThe Wi-Fi network traffic is decrypted, which may result in data leakage.
-
Unsafe access pointThe device is connected to an insecure Wi-Fi network.
Each type of threat is assigned a risk level as defined by the risk level profile. The overall risk level of the targeted device is then calculated by considering the risk levels of all selected threat types. -
Web ReputationTrend Micro Web Reputation technology assigns websites a "reputation" based on an assessment of the trustworthiness of a URL, derived from an analysis of the domain.-
Turn on the toggle for Web Reputation.
-
Select Enforce on all devices that the policy applies to.This setting enforces Web Reputation on all targeted devices by automatically setting up local VPN on the devices.
-
Select Enable and log access to all websites.This setting permits your users to access potentially blocked websites and records each access in Mobile detection logs.
-
Select a security level.
-
To automatically approve or block certain websites, specify the websites in the following formats and add them to the allow list or to the block list:
-
URL
-
FQDN
Both URLs and FQDNs support the following wildcard character: * -
Device PermissionsImportant
Device permission options are available for Android devices only.Select whether you want certain permissions granted on end user devices.-
View device phone numbers
-
Ignore battery optimization
End users with devices enrolled in Airwatch, Google Workspace, or another MDM in managed configuration mode receive a system notification requesting the specified permissions.Devices enrolled in Microsoft Intune or Mobile Device Director automatically grant the specified permissions, which cannot be disabled by the end user.Deepfake DetectorImportant
Deepfake Detector is currently only available for iOS 14 and later.Select whether to enable detection of synthesized images in video calls using advanced AI. For more information, see Deepfake Detector. -
- Under Assignment tab, assign the policy to your
assignment groups by selecting one or more groups and clicking
Save.The users or devices targeted by your policy are evaluated for security when they check in with Mobile Security.