This article provides an overview of the menu item Policies in the Cortado app for Android.
- On the start page of the Cortado app select the menu item Policies.
Here you get an overview of policies that your administrator has set for your device.
On devices with a work profile, you can distinguish between policies that apply to the entire device (left image) or to the work profile (right image). In particular, there are password policies that apply to the entire device and password policies that apply only to the work profile.
For fully managed devices, all policies affect the entire device.
Policies for devices with work profile
For devices with a work profile, the number of policies is limited. Whether, by means of a policy a functionality is allowed or not, is written under the respective policy (example in the illus.).
There are only a small number of guidelines that have an effect on the entire device. These are exclusively for the protection of the work profile. For example, your administrator can influence the way the device is unlocked (fingerprint or Trust Agents/Smart Lock) and the strength of the device password. Beyond that the administrator has no access whatsoever to any private area on your computer.
If you have a work profile on your device, the majority of policies refer solely to the work profile or to the communication between work profile and the device. For example, the administrator can determine whether the camera app is to be part of your work profile (left illus.) or not (right illus.). Or the administrator can determine whether data may be exchanged between the work profile and the private profile.
For example, the Screen Capture policy (lower arrow in the left image) also applies only to your work profile. If screen capture is not allowed, you can no longer take screenshots within the work profile. Outside of your work profile, this policy has no effect.
Also, the Install apps from unknown sources policy (arrow in the left illus.), only applies to the installation of such apps within the work profile. In the example, changing this setting is disabled (arrow in the right illus.). In the private profile, you can allow the installation of these apps (arrow in the middle illus.).
If account changes are not allowed (arrow in the left illus.), it simply means that you cannot add any more business accounts on your device (arrow in the right illus.). New, private accounts can still be added (arrow in the middle illus.).
Policies for fully managed devices
A variety of policies are available for fully managed devices. A large part of all available device settings can be controlled by your administrator with the help of policies. Whether a functionality is allowed or not by means of a policy is indicated under the respective policy (example in the left illus.). In the device settings, the blocked functionality is marked with a corresponding note (example in the right illus.).
Password policies
On devices with a work profile, your administrator can set password policies for the work profile or the entire device. In addition, you can specify, among other things, the password strength, password length, password expiration, etc., or whether a uniform lock may be used for the work profile and device.
Create your password according to the guidelines otherwise your work apps will be locked.
If your password has expired, you will receive a corresponding message in the app and your work apps will also be locked.
Note! If the maximum number of failed logins set by your administrator is exceeded, the work profile will be deleted from the device or the fully managed device will be reset to factory settings.
For fully managed devices, password policies can be set for the entire device. For example, you can see here how long the password must be and whether it must contain upper and/or lower case letters, etc. (example in illus.).
If the password policies set by your administrator are not enforced, your apps will be blocked.