List of non-compliance criteria

You can define these policy settings only for Android devices.

To ensure that an Android device complies with corporate security requirements, Kaspersky Endpoint Security for Android can check the device against the following criteria:

• Real-time protection is disabled.

  Real-time protection must be enabled.

  For more information on configuring real-time protection, see the "Configuring real-time protection" section.

• Anti-malware databases are out of date.

  The anti-virus database of Kaspersky Endpoint Security for Android must be regularly updated.

  For more information on defining the settings of anti-virus database updates, see the "Configuring anti-virus protection" section.

• Forbidden apps are installed.

  The device must not have applications installed that are classified as Block from launching, as specified in the App Control section.

  For more information on creating rules for applications, see the "Configuring App Control" section.

• Apps from forbidden categories are installed.

  The device must not have applications installed that fall under a category that is classified as Block from launching, as specified in the App Control section.

  For more information on creating rules for application categories, see the "Configuring App Control" section.

• Not all required apps are installed.

  The device must have specific applications installed that are classified as Force to install, as specified in the App Control section.

  For more information on creating rules for applications, see the "Configuring App Control" section.

• Operating system version is out of date.

  The device must have an allowed version of the operating system.

  For using this non-compliance criterion, you must specify the range of allowed operating system versions in the Minimum operating system version and Maximum operating system version drop-down lists.

• Device has not been synchronized for a long time.

  The device must be regularly synchronized with the Administration Server.

  For using this non-compliance criterion, you must specify the maximum time interval between device synchronizations in the Synchronization period drop-down list.

• Device has been rooted.

  The device must not be rooted.

  For more information, see the "Detecting device hacks (root)" section.

• Unlock password is not compliant with security requirements.

  The device must be protected with an unlock password that complies with the unlock password strength requirements.

Page top