This chapter includes the information about how to add, view, and edit a policy.
Adding a Policy
To create a new Workspace policy, follow these steps:
- Log on to the Seqrite mSuite console and in the left pane, click Workspace > Policies > Add Workspace Policy.
- Enter Policy Name and Description. Select the Default check box to make this policy as the default policy. This default policy will be applied to all the newly added devices.
- Click Next to apply the policies. The Add Policy page is displayed.
- The Edit Policy tab includes different policies divided in sections. Visit each section, and select the required policy components. To turn on (enable) the policy, click in the red circle. This policy gets active and applies restriction on the device. To get complete information of the policy from already created policies, select the policy from the Inherit From list.
- Click Save and Publish. New policy is created successfully.
Viewing a Policy
After you create a new policy, you can view the policy, edit the policy information, and apply policy to a group. You can also view the version number of the policy. Editing the policy will change the current version of the policy.
To view the policy information, follow these steps:
- Log on to the Seqrite mSuite console and in the left pane, click Workspace > Policies.
- On Workspace Policies list page, select the policy and click the Edit icon.
The Policy Details page is displayed. The Overview tab displays the following policy information; Policy Details and Recently applied to groups.
- Policy Details: Shows the Policy Name, No. of Groups, Description, and Default.
- Recently Applied to Groups: Shows the date and time when the policy was created and also view the recently added groups.
The Show all option helps to view all the groups to which the policy has been applied. Clicking Show all, will navigate you to view all the added groups to the policy.
Editing Workspace Policy Details and Groups
The Edit tab includes the Edit details and Groups sections. The Edit details section allows you to make changes to the policy name and policy description. From Groups section, you can view the policy that is assigned to the group and also, apply the selected policy to more number of groups. You can also add the selected policy to the new groups and devices.
Note: Editing the policy will change the current version of that policy.
To edit the Workspace policy information, follow these steps:
- Log on to the Seqrite mSuite console and in the left pane, click Workspace > Policies > Edit icon > Edit > Edit details.
- You can edit the information such as; Policy Name and Description.
- To make this policy a default policy, select the Default check box.
Note: The default policy will be auto-applied to the newly added device.
- Click Save.
- Click the Groups section and then click Apply policy to groups. The Apply Policy to Group dialog box is displayed. You can search the groups or select the groups from the list.
- Select the group that you want to add to the policy and click Add Group. The groups are added to the devices.
You can edit the selected policy and apply the policies to the group. You can turn on the selected policy to apply the restrictions on the device.
To edit a policy, follow these steps:
- Log on to the Seqrite mSuite console and in the left pane, click Workspace > Policies > Edit icon > Edit Policy.
- A policy is divided into different sections. Visit each section, and turn on the required policy and choose the required options.
Sign indicators on policy page are as follows:
|Applied||It indicates that the parameter is part of that policy.|
|Not Applied||It indicates that the parameter is not part of the policy. To apply that parameter, click in the circle.|
|Not Available||It indicates that the parameter does not apply to that specific operating system.|
To know more about policies, see Policy Details.
- Click Save and Publish. All the edited policies are displayed.
- Enter the comments about the changes in the description text field and click Confirm.
Note: A new version number is generated whenever changes are made to the policy.
Advanced Search for Workspace Policies
The Advanced Search option allows you to perform an advanced search for different Workspace policies. To search policies, follow these steps:
- Log on to the Seqrite mSuite console and in the left pane, click Workspace > Policies > Advanced Search.
- From the Select Created By list, select the desired creator name and click Search.
The search result gets displayed.
Workspace Policies List Page
The Policies list page displays all the available Workspace policies in Seqrite mSuite.
Take Action options for Workspace policies
The Take Action list appears on the Workspace Policies list page when you select single or multiple policies. The Take Action options are as follows:
- Create Copy: Helps you to create a duplicate copy of a single selected policy. You can create a copy of a single policy, whereas you cannot create copy of multiple policies.
- Delete: Helps you to delete single or multiple selected policies.
Note: You cannot delete a policy which has a group assigned to it.
- Select the required option from the list and click Submit.
Workspace policies include all the policies that can be applied to Workspace to access and manage the Workspace components. The policies are categorized into different sections of the container such as application access, policies related to container, browser, email, password, calendar, contacts, and vault.
This policy is created to provide access and manage all the applications added to Seqrite Workspace. As an Administrator, you can enable or disable the use of such applications according to the organization strategy. This policy can be applied to both, Android and iOS device. You can apply policies on applications such as email, browser, file manager, camera, contacts and so on. The components of application access policy are as follows:
|1||Enable Email App||Helps you to provide access to the email application on the Workspace.|
|2||Enable Browser App||Helps you to provide access to the assigned browser inside the Workspace.|
|3||Enable Vault App||Helps you to provide access to the files in the Vault inside the Workspace.|
|4||Enable Camera App||Helps you to provide access to the camera application.|
|5||Enable Notes App||Helps you to provide access and use the note application when working in Workspace environment.|
|6||Enable Text Editor App||Helps you to provide access to the authorized text editor to be used inside Workspace.|
|7||Enable Contacts App||Helps you to provide access to the user’s corporate email contacts list.|
|8||Enable Calendar App||Helps you to provide access to the Outlook calendar events so that the user remains up-to-date with the day-to-day calendar events.|
This policy is applicable to both Android and iOS devices with Seqrite Workspace container. With this policy, you can access or apply restrictions on the container itself.
|1||Access WorkSpace Offline||Helps you to give access to the user to access the Workspace even in offline mode.|
|2||Workspace Lockout Time||Helps you to enable or disable this functionality and also set the lock time of Workspace if the app remains inactive for that set period.|
|3||Lock Workspace App in the Background||Helps you to lock the Workspace in the background.|
|4||Time-Bomb Period (days) to Wipe Workspace||Helps you to enable or disable the auto wipe functionality of WorkSpace to delete all its data in given number of day.|
|5||Allow Clipboard||Helps you to enable or disable the use of clipboard functionality (cut-copy-paste) inside the WorkSpace.|
|6||Allow Screen Recording|| Note: This policy is applicable only for iOS devices.
Helps you to capture your device’s screen activity including any apps, games, or videos you may be playing.
This policy is applicable to the default browser of the Workspace that can be applied to the Android and iOS devices. Different components of browser policy are as follows:
|1||Set Default Home Page||Helps you to enable or disable the functionality to change the default browser of Workspace. If this policy is enabled, then the URL set in the policy will be opened when Workspace browser is launched.|
|2||Allow Unsecure (http) URLs||Helps you to enable or disable the functionality to access the unsecure (http) URLs through Workspace browser.|
|3||Allow File Upload||Helps you to enable or disable the functionality to upload the file through Workspace browser.|
|4||Allow File Download||Helps you to enable or disable the functionality to download the file through Workspace browser.|
|5||Enlist File Formats to Allow Download/Upload||Helps you to add the file extensions that you can allow the user to upload or download it from Workspace browser. If this option is not enabled, then the device user can access any type of files through Workspace browser.|
|6||Enable Privacy and Security Settings||Helps you to enable or disable the privacy and security settings of Workspace. If this option is enabled, then the device user can make changes to the browser settings.|
|7||Allow Screenshot(s) on Browser App||Helps to enable or disable the functionality to take screen shot of Workspace browser.|
With this policy, you can apply different strategies and control the organizational emails. You can manage different email components such as account type, attachments and its file type or the size and so on with this email policy.
|1||Email Account Type||Helps you to enable or disable the functionality to select the email account type for the Workspace. By default, Seqrite provides Outlook and Gsuite accounts. Thus, you can select your respective corporate Outlook or GSuite account. If you set this account and enable it, then the device user has to use the same email account to access through WorkSpace.|
|2||Allow Email Attachments||Helps you to enable or disable the functionality to share email attachments through Workspace. If this option is enabled, the device user can share the email attachments and if it is not enabled then the device user cannot share any email attachments.|
|3||Enlist File Formats for Outgoing Email Attachment||Helps you to enable or disable the functionality to define the attachment file types that can be shared through WorkSpace email account. This component is dependent on the Allow Email Attachment component; if it is enabled then only you can access this policy. If this option is not set, the user can share any type of file as an attachment.|
|4||Allow Attachment from Outside the WorkSpace||Helps you to enable or disable the functionality to share the attachment from different options other than Workspace. If this option is not enabled, the device user can share the attachments only through WorkSpace.|
|5||Enlist Domains for Outgoing Emails||Helps you to enable or disable the functionality to set the corporate domains from which the device user can send the emails through Workspace. If this option is disabled, the device user can send emails to any domain.|
|6||Allow Maximum Size Limit for Download (MB)||Helps you to enable or disable the functionality to set the maximum downloadable size of the attachment in MB. Any attachment exceeding the maximum downloadable value, will not be downloaded. If this option is disabled, the device user can download email attachment of unlimited file size.|
|7||Shows BCC Field in Emails||Helps you to enable or disable the functionality to show the BCC option in the email. If this option is enabled then only the BCC option is visible while composing email through Workspace. If this option is disabled, BCC option will not be visible.|
|8||Allow Screenshots on Email App||Helps you to enable the ability to take screenshots inside email app|
Note: If you want to block users from accessing personal email on browser app, you must blacklist all popular free email domains in the Workspace Profile settings.
To access Workspace, you require password. Thus, password policy helps you to manage the Workspace password. You can set minimum password length or expiry days and so on. Depending on the defined password policy, the device user can view the password fields and will be restricted to use the defined password type.
|1||Password Strength||This options, helps you to set the password strength for device user. If you set low, medium, or high, accordingly the device user will be able to set the password for WorkSpace. PIN: The user can set Pattern, PIN or password. The user can set the password of 4-digit numeric PIN. This is less secure option. Moderate: The user can set the password of 6 or more alphanumeric (UPPER case) characters. This is secure option. Strong: The user can set the password of 8 or more characters including UPPER or lower case, number, and symbols.|
|2||Minimum Length for Password||This policy depends on Password Strength policy. If you have defined PIN, moderate, or strong, then accordingly 4, 6, 8 text fields will be displayed on the device.|
|3||Password Expiry (days)||Helps you to set the password expiry days for Workspace, and enable or disable this functionality.|
|4||Enable Touch ID||Helps you to enable or disable the Touch ID functionality. It forces the user to user the same fingerprint to login to the mobile device and WorkSpace.|
|5||Account Lockout Threshold for Invalid Logon||Helps you to enable or disable the functionality to take screenshot of the emails received in the Workspace.|
With this policy, you can apply this policy to the Workspace calendar app.
|1||Allow Screenshot(s) on Calendar App||Helps you to enable or disable the functionality to take screenshot of the Workspace calendar app.|
With this policy, you can apply policy on the Workspace contacts.
|1||Allow Screenshot(s) on Contact App||Helps you to enable or disable the functionality to take the screenshot of the contacts available in the Workspace.|
With this policy, you can apply policy on the Workspace vault.
|1||Allow Screenshot(s) on Vault App||Helps you to enable or disable the functionality to take the screenshot of the Workspace vault.|