Features ONLY supported in DO Mode

Owned by Lisa Basel
Last updated: Sept 02, 2022
3 min read

Encryption of data on device

By default, using the QR code for enrollment, the device will be provisioned/setup to have all data encrypted

What Rules are NOT supported with Basic Enrollment

If a Rule is indicated to be "DO Mode" as shown below, then the Rule will ONLY apply to your devices that were enrolled with DO (Device Owner) Enrollment

DO Mode ONLY rules are:

Install/update work apps

  •  

    • Push the installation of selected apps from the managed Google Play Store to the device

    • In case that selected app is already installed on a device, it will be updated to latest version. 

    • NOTE: If in the Install list of Apps, then is automatically in the "Whitelist" and available on managed Google Play Store for the device

Useful notes on automatic App updating

By default, Managed Google Play apps will not update unless the following conditions are met:

  • The device is connected to Wi-Fi

  • The device is charging

  • The device is not actively being used

  • The app to be updated is not running on the foreground

For more information, see the Manage App Updates documentation from Google.

There is a device setting that defaults to "Update apps over Wi-Fi only"

Whitelist apps

  • Specifies which apps will be listed in managed Google Play Store app and therefore available to be installed.

  • If there are no apps in your Whitelist, then ALL apps in the managed Play Store are available to be installed.

Disallow uninstall apps

  • Specifies if a user is disallowed from uninstalling app from their device.

Disallow factory reset

  • Specifies if a user is disallowed from factory resetting the device.

Allow adding/deleting accounts

  • Devices in DO Mode will by default not be allowed to add a Google Account to their device.  Adding accounts allows device users to head into Settings > Accounts and add an account. This allows them to switch to their personal Google account within Google Play, providing full access to the Play Store from which they may install applications you may want to restrict.

  • When applied, this rule option will allow user to manage (add/delete) accounts on android apps.

  • This rule is needed if device users want to add a Google account for email and other Google apps

Disable Mobile Hotspotting

  • A user will see a message saying "Unable to perform action" when there is a rule for the device and they attempt to turn on device hot spotting

  • NOTE: You will see evidence of data usage via hot spotting/tethering in this System Android package

Set private DNS (Requires android OS >= 10)

  • This rule is for Web Content Filtering

  • In projects where mobile devices are used to browse the internet, additional customization is needed, particularly when it comes to filtering inappropriate content.

  • The ‘set private DNS’ rule allows admins to choose which websites are accessible and which aren't, via a DNS server of their choice.

  • Once this rule is set up, inappropriate content will be blocked from web browsers and any apps attempting to reach it.

  • DNS should support DNS over TLS standard

Disallow config date and time

  • This rule stops users from changing their Date and Time Settings in Android

  • FocusMDM’s unique ‘block apps at a given time interval’ rule allows customization of app usage times - say: blocking YouTube during working hours.

  • With the ‘Disallow config date and time’ rule, device holders are now unable to circumvent this rule by changing the time manually in the device settings.