Managing device policies
Coro implements device management through policies. In a policy, you can define application Allowlists that can enforce application usage restrictions on the enrolled devices to which the policy is applied.
For supervised iOS and iPadOS devices, a policy does not prevent excluded applications from being seen in the Apple App Store, nor does it prevent installation. However, a policy does prevent the user from being able to run an installed application that is not part of the policy Allowlist. For BYOD iOS and iPadOS enrollments, a policy cannot be enforced at all. However, Coro can retrieve an installed app list from the device and report where policy contraventions occur on the Devices page.
For company-owned Android devices, an applied policy completely prevents the user from viewing excluded applications in the Google Play Store or installing anything not on the policy Allowlist. This is also true for BYOD Android devices, although this is limited to the installed Work profile.
note
The Personal profile on a BYOD Android device is completely unaffected and continues with normal unrestricted access to apps in the Google Play Store.
Coro allows an individual policy to be applied to iOS/iPadOS and Android devices concurrently, with a single policy containing separate configuration for each platform. Mobile devices of both types can be enrolled in MDM without an applied policy if you wish to just monitor the device. However, to actively manage a device, apply a policy.
Important
You can apply a single policy to multiple devices, but a device can have only one policy applied at any time.
Before you set up a device policy, make sure you know the Bundle IDs (iOS/iPadOS) or Package names (Android) of the applications you want to allow.
To view and create device policies, perform the following steps:
- Sign into the Coro console .
-
Select the
Mobile Device Management
module.
note
If Mobile Device Management is not enabled, contact your Coro sales representative.
- From the MDM - Mobile devices management page, select the Policies tab:
On this tab, you can:
- View all defined policies, including details such as the number of devices to which it is currently applied.
- Select a policy to view a count of the allowed apps for each device type.
- Add a new policy, see Creating a new device policy .
- Filter the page to view only selected policies or by policy assignment status.
- Sort the policy list by policy name, assigned devices, or last modified date, in ascending or descending order, as indicated by the arrow next to the column headings.
- Search for a policy by name.
Each policy is listed with the following information:
Property | Description |
---|---|
Policy name | The name of the device policy. |
Assigned devices | Whether the policy is currently assigned to any devices. |
Last modified | The date the policy was last updated. |
Actions menu | Actions available for this policy: * Edit policy * Delete policy |
Creating a new device policy
To create a new mobile device policy, perform the following steps:
-
From the
Policies
tab, select
+ ADD POLICY
.
The Create policy dialog appears, in the General info step:
-
Enter the following details:
- Policy name : Enter a unique short name for the new policy.
- Description : (Optional) Enter a description of this policy.
Select Next to continue.
-
In the
Allowed Apps
step, select either the
iOS policy
tab or the
Android policy
tab based on your requirements:
-
Enter one or more application Bundle IDs (iOS/iPadOS) or Package names (Android) into the field provided. Coro searches for and displays a list of matching applications. Select the required application, or choose to add the bundle/package as entered.
If you wish to remove an entry, select the adjacent delete option:
- (Optional) Repeat this step in each platform tab as required.
- To save your policy, select SAVE .
Applying a device policy
After you have defined a device policy, apply it to your mobile devices through the following method:
- From the Devices tab, locate and select the desired device.
-
From the
ACTIONS
menu in the right pane, select
Assign policy
:
note
If the device already has a policy assigned, first select Remove policy. You can then proceed to apply a new policy.
Coro displays the Browse Policies dialog:
- Select a policy from the list.
- Select ASSIGN POLICY .
Policies are assigned immediately to connected devices, although Coro recommends allowing a short time for all affected devices to be fully updated. Devices must be connected to the internet for the policy to take effect.
note
For Android devices only: If you subsequently edit an assigned policy by removing or replacing allowed applications, devices affected by the change are updated automatically without notice to the user when next online. That is, installed applications no longer allowed after the policy update are automatically uninstalled and cease to be visible in the Google Play Store.
Deleting a device policy
You can permanently delete a device policy through the Policies tab.
Perform the following steps:
- Locate the policy you want to delete from the list.
-
Select the adjacent
Actions
menu. Then, select
Delete Policy
:
Coro presents a confirmation dialog. For reference, this show how many devices to which the policy is currently applied and that would be affected by this action:
If you proceed to delete the policy, those devices become unnassigned.
- To delete the policy, select DELETE .