You can block apps from running on Android devices if those apps do not meet the corporate security requirements. App startup is restricted through App Control. You can also use App Control to prompt the user to install required and recommended apps on the device, or remove forbidden apps. App Control is based on lists of rules.
To make use of App Control on mobile devices running Android 5.0 or later, Kaspersky Endpoint Security for Android must be set as the Accessibility service. Kaspersky Endpoint Security for Android prompts the user to set the app as an Accessibility service through the Quick Start Wizard. The user can skip this step or disable the service through the device settings later. In this case, App Control is not running.
To configure App Control on Android devices:
The Security profiles section contains a list of security profiles configured in Kaspersky Endpoint Security Cloud.
The security profile properties window displays settings available for all devices.
The App Control settings page opens.
After the security profile is applied, Kaspersky Endpoint Security Cloud generates a report on the apps that have been installed on the device. You can view this report in the Management Console, in the mobile device properties. You will receive this report every time an app is installed on or removed from the device.
The App Control mode selection window opens, which also provides the advanced settings.
After the security profile is applied, Kaspersky Endpoint Security Cloud generates a report on prohibited apps that have been installed on the device. You can view this report in the Management Console, in the mobile device properties.
Kaspersky experts recommend against blocking system apps because this could lead to failures in device operation.
The App Control Rule Creation Wizard starts.
The rule that you created will be added to the list of App Control rules.
After the security profile is applied, App Control will be configured on Android devices. Depending on the App Control settings, the device user will be prompted either to remove forbidden apps or to install required and recommended apps. You can impose restrictions on user activity on a device on which blocked apps are installed or required apps are not installed (for example, lock the device). You can impose restrictions by using the Compliance Control component. To do so, in the scan rule settings, you must select the Forbidden apps are installed, Apps from forbidden categories are installed, or Not all required apps are installed criterion.
Page top