Directly contact our Support Team

Understanding Compliance Status

Bitdefender GravityZone provides full visibility into organizations' overall security posture, global security threats, and control over its security services that protect virtual or physical desktops, servers and mobile devices. All Bitdefender's Enterprise Security solutions are managed within the GravityZone through a single console, Control Center, that provides control, reporting, and alerting services for various roles within the organization.

This article explains how mobile devices become non-compliant against GravityZone security rules and the actions you can take in such situations.

Once the GravityZone Mobile Client application has been activated on a mobile device, Control Center checks if the corresponding device meets all the security compliance requirements.

Mobile devices can have the following security statuses:

  • Without Security Issues, when all compliance requirements are satisfied.
  • With Security Issues, when at least one of the compliance requirements is not satisfied.

Non-compliance criteria

A device is declared non-compliant in the following situations:

Android devices:

  • Device is rooted.
  • GravityZone Mobile Client is not Device Administrator.
  • USB Debugging is enabled.
  • Malware is not removed within one hour after detection.
  • Policy is not satisfied:
    • The user does not set the lock screen password within 24 hours after the first notification.
    • The user does not change the lock screen password at the specified time.
    • The user does not activate device encryption within seven days after the first notification.

iOS devices:

  • Device is jailbroken.
  • GravityZone Mobile Client is uninstalled from the mobile device.
  • Policy is not satisfied:
    • The user does not set the lock screen password within 24 hours after the first notification.
    • The user does not change the lock screen password at the specified time.

Default action when the device is non-compliant

When a device is declared non-compliant, the user is prompted to fix the non-compliance issue. The user must make the required changes within a specific time period, otherwise the selected action for non-compliant devices will be applied (Ignore, Deny access, Lock, Wipe or Unlink). You can change the action for non-compliant devices in the policy at any time. The new action is applied to non-compliant devices once the policy is saved.

From the menu corresponding to each device ownership type select the action to be taken when a device is declared non-compliant:

  • Ignore. Only notifies the user that the device does not comply with the mobile device usage policy.
  • Deny Access. Blocks the device access to corporate networks by deleting the Wi-Fi and VPN settings, but keeping all the other settings defined in policy. Blocked settings are restored as soon as the device becomes compliant.
  • Lock. Immediately locks the device screen.
    • On Android, the screen is locked with a password generated by GravityZone. If the user already has a lock screen password, this will be automatically changed.
    • On iOS, if the device has a lock screen password, it is asked in order to unlock.
  • Wipe. Restores the factory settings of the mobile device, permanently erasing all user data.
  • Unlink. The device is immediately removed from the network.

Rate this article:

Submit