There are two mobile security policies described in this topic:
- Mobile Passcode Enforcement policy
- Open-in Restriction policy
NOTE: These policies are only applicable for Android app 3.0 (or higher) and iOS app 3.0 (or higher).
To access these policies:
- Click admin in the console.
- Click policies.
- Select the policy.
- In the Manage Policy Set page, expand Mobile Apps, then expand Security:
Mobile Passcode Enforcement Policy
Overview
By default, Syncplicity users on mobile devices are not required to enter a passcode when accessing Syncplicity. However, users can continue to set passcodes locally on their devices. For end users, this policy's default setting provides the most flexibility, but introduces possible access to sensitive corporate information. For added security, you can require users to enter a passcode when they access Syncplicity.
With this policy, you can configure Syncplicity to do the following:
- Automatically remote wipe all user data from Syncplicity on a user's device when the wrong passcode is consecutively entered (set number of failed attempts). If this option is not selected, the user's data from Syncplicity is not wiped regardless of the number of failed attempts.
- Require mobile users to enter the passcode only after a specified period of time has elapsed since they last entered the passcode. This setting avoids requiring users, who send the Syncplicity app to the background, from having to re-enter the passcode each time they bring Syncplicity back into the foreground. If this option is not checked, users are not prompted to enter a passcode after a specific amount of time, but they do have to re-enter the passcode when they bring Syncplicity from the background to the foreground.
TIP: If you are using an MDM (such as AirWatch or MobileIron) to manage mobile devices, disable the Mobile Passcode Enforcement policy or set the remote wipe and re-enter values to be greater than the values set in the MDM system.
Policy use case
To provide added protection against lost or stolen devices, Company A admin has enabled the Syncplicity Mobile Passcode Enforcement policy, allowing 10 failed attempts. An employee's stolen phone has had 10 failed attempts to access the Syncplicity application. These failed attempts automatically triggered a remote wipe of all data in the Syncplicity application from the stolen phone.
Open-in Restriction Policy
By default, Syncplicity users on mobile devices can open files in third party applications installed on their mobile devices. For end users, this allows the most flexibility, but introduces possible data leaks. For added security, you can set Syncplicity to prohibit (disallow) mobile users from opening files in third party applications. In addition, this policy prevents users from opening Syncplicity content while they are within external applications (such as Microsoft Office apps and iOS Files app).
NOTE: This policy does not control features such copy and pasting the content, capturing screen shots, or other forms of exporting content. MDM software is required for controlling these types of operations. Also, this policy does not apply when users upload content into their Syncplicity account from within another applications.