In the Cortado administration portal, you will find a variety of policies for configuring connection settings. With the help of these policies, you can control the use of Bluetooth, VPN, mobile connections (including roaming) or the use of hotspot & tethering. This increases device and data security.
Aim
In this How-To we will show you how to configure policies for the connection settings in order to increase device and data security.
Implementation
- In the Cortado administration portal, select Administration→ Policies.
- Add a new policy by clicking on the plus icon.
- Then select Android and as the setup method Fully managed device, Work profile or Work profile on company-owned device (example in illus.).
Under Network & Connectivity, you will find the options that are explained in more detail below. The image shows the available policies for fully managed devices. All settings are allowed here by default.
Note! Only some of the policies described below are available on devices with a work profile or work profile on company-owned devices.
Allow configuration of Bluetooth
Allow configuration of mobile network connections
Allow configuration of wireless emergency alerts
Allow configuration of hotspot & tethering
Allow use of Bluetooth
Bluetooth allows data to be shared wirelessly over short distances. In addition to file transfer, this also includes wireless connection with other devices such as headphones, speakers, smartwatches, etc. If you want to prohibit your users from using Bluetooth, remove the tick from the checkbox and assign the policy to the users/groups/devices. Bluetooth will then be deactivated on the devices (left image) and can no longer be used (right image).
Allow configuration of Bluetooth
This policy is currently not available!
Allow Bluetooth sharing
Bluetooth is a proven method for sharing files between Android devices and PC/laptop (left and middle image). If you do not want users to share files via Bluetooth, remove the tick from the checkbox and then assign the policy to the users/groups/devices. Files can then no longer be shared via Bluetooth. The Bluetooth option is no longer offered for sharing (right image).
Allow configuration of mobile network connections
If you want to prevent users from making changes to the mobile phone settings, remove the tick from the checkbox and assign the policy to the users/groups/devices. Now no more changes can be made to the SIM card settings.
Allow configuration of VPN
VPN (Virtual Private Network) is a service that establishes a secure, encrypted Internet connection between an end device and a VPN server. A protected connection via the unprotected Internet, using encrypted data lines.
You can use this policy to prevent users from accessing the VPN settings. However, active VPNs that were previously created by users will still be started. To do this, remove the tick from the checkbox and assign the policies to the users/groups/devices. It is then no longer possible to change the settings (left and right image).
Allow configuration of wireless emergency alerts
Cell Broadcast is a mobile radio service that sends warning messages to all smartphones within a specific radio cell. The police and fire department control centers control which radio cells should broadcast the warnings. If you want to deactivate the receipt of emergency notifications, remove the tick from the checkbox and assign the policy to the users, groups/devices. Settings are then deactivated (left image) and can no longer be changed (right image).
Allow configuration of hotspot & tethering
A mobile data connection can be shared via a hotspot so that another device (smartphone, tablet, etc.) can use it to connect to the Internet. This type of connection sharing is known as tethering. If you want to prevent users from sharing their mobile data connection, remove the tick from the checkbox and assign the policy to the users/groups/devices. The option will then be deactivated (left image). In the Cortado app settings, users can see which policies have been allowed/disallowed or activated/deactivated (right image).
Allow airplane mode
Airplane mode on a smartphone is a setting that disables all wireless communication functions of the device. This includes cellular connections, Wi-Fi, Bluetooth and GPS. If you want to prevent users from activating flight mode on the devices, remove the tick from the checkbox and assign the policy to the users/groups/devices. The option is then deactivated (left image) and can no longer be changed (right image).
Allow data roaming
Data roaming is a service that makes it possible to use a mobile data connection when the device is outside the network of the home mobile phone provider. This allows you to use the networks of other mobile phone providers in other countries. Data roaming can incur high costs. If you want to disable this option, remove the tick from the checkbox and assign the policy to the users/groups/devices. Data roaming will then be deactivated in the device settings (left image). In the Cortado app settings, users can see which policies are allowed/not allowed or activated/deactivated (right image).