It prevents users from accessing corporate data from unknown, public, or unauthorized devices. This ensures no business data is transferred, virus-infected, or so to and from a personal or public device.
- The policy is setup using the device's unique MAC Id
- Does not allow business data from personal machines, unless specified by IT admin
- Policy violation report sent to admin on daily basis
- Self-service rollout
- Supports Linux, MAC, Windows, Chromebook
To create a new policy, Navigate to Home -- Policies -- Access Control -- Web, Click on Add option & you will get below page.
Title: Name your policy to identify it later when you want to make changes quickly.
Description: Short description for helping understand the policy if more than one admin is managing the account
Enabled: For some reason, if you want the policy to be disable for some time and re-enable it, you can check/uncheck “Enabled” option as shown above.
Valid Always: You can decide the validity of the policy with Valid Always button. Toggling this you can say whether you want a policy for a stipulated time or a policy which is always applied
Valid From and Valid To: If Valid Always is off, then you will have to provide the date range for which the policy needs to be applied. This way admin need not manually turn off the policy
Risk: Select the Risk factor as per your norms
Category: Select the category as Default or App, for default option, the policy will work as it is & for App option, the specific application will get bypass.
In Device Restriction Option, you can whitelist the IP or whitelist MAC address and Device policy will get bypass for whitelisted IP or MAC Add.
You can implement this policy on specific user’s or OU’s or entire domain ( all User)
***********************************************************************