Android Enterprise Policies

Satish Shetty Updated by Satish Shetty

The Codeproof Android EMM provides following app level and device level restrictions.

Device Restrictions

The Codeproof EMM Can restrict following policies at the device level.

  • Block Factory Reset
  • Block Recovery Mode
  • Block Developer Mode
  • Block App Install from unknown sources
  • Block Accounts Management
  • Block SMS and Phone calls
  • Block Camera
  • Block WiFi, VPN and Bluetooth Config
  • ..etc

App Restrictions

Application Controls
  • Block Apps Installation - This policy blocks all the apps installations including APKs
  • Blocks Apps Uninstallation - This policy blocks apps uninstallations
  • Block Apps Modification in Settings - This policy blocks apps deleting of data & cache through Settings App
  • Block Install Apps From Unknown Sources - This policy blocks side loading of APKs


Managed Playstore Policies
  • Auto Install and Update Approved Apps - Enabling this policy will automatically pushes all the approved apps to device. Also automatically updates app from the playstore on a regular basis. If you want to push an app immediately, go to Playstore Manager in the console to push it.
  • Allowed Apps

Include Approved Apps Only - This policy allows installation of Android-Enterprise(AfW) approved apps only. It blocks apps installation from personal gmail accounts and APKs. When the application installation is blocked, The MDM Administrator will receive an alert (email or SMS). Please see the attached screenshots below. It doesn't block previously allowed apps.

Include Approved Apps and APKs - This policy allows installation of Android Enterprise(AfW) approved apps, allows installation of apps from personal gmail account and APKs as well. It doesn't unblock previously blocked apps.

Include All Apps - This policy allows all the apps installations. The playstore app in the device will have a top search bar. Using this search bar end-user can search and install any apps.


To un-block previously blocked apps, use the "Container Manager" whitelist section. Also, approve the app so that it gets auto-updated.


Application blacklist

Using the blacklisting option, The MDM Administrators can blacklist any apps in the device. The app will be disabled in the device and the app icon will be hidden.

Policy Manager Screenshot:



Application blocked Email Alert :



How did we do?

Factory Reset Protection (FRP)

Selectively deploying apps from the managed playstore