home

Mobile Endpoint Security

Mobile Endpoint SecuritySecurity Service Edge
Mobile Endpoint SecuritySecurity Service Edge

Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Show Contents

Mobile Endpoint Security

Configuring and Enforcing Compliance

Creating Always-On Policies for Lookout Low, Medium, and High Risk User Groups in UEM

Users are automatically moved into the Low, Medium, or High Risk User Groups you created in Creating User Groups for Enrollment and Device State Sync based on their device threat state in Lookout. In order to apply compliance actions against these groups, you can create Low, Medium, and High Risk policies that use a trigger that is always true. By applying an always-on policy to the Low, Medium, or High Risk group, you automatically apply it to any device in that User Group.

The steps below create an always-on policy for High Risk devices that immediately revokes trust:

  1. In the BlackBerry UEM sidebar menu, click Policies and profiles:
  2. Click the + icon beside Compliance to create a new compliance policy.
    l

    The Add a compliance profile screen displays.

  3. Enter the following:
    FieldValue
    NameLookout High Risk (iOS)
    Email sent when violation is detectedDefault compliance email
    PlatformClick the iOS tab.
    Restricted app is not installed

    Checked.

    This enables the fields listed below.

    Restricted App Name(See below)
    Enforcement actionUntrust
  4. To set the Restricted App Name, click the + icon on the right of the list header, then click Select an app from the restricted app list:
  5. Click Specify the app package ID and enter the ID .

    Default IDs are listed below. If you are using an .apk file provided by Lookout Enterprise Support.

    App EditionPackage ID
    iOS App Store Edition 
    com.lookout.work
    Android Edition 
    com.lookout.enterprise
  6. Click the Android tab and repeat Steps 3-5.
  7. Check Enforce compliance actions in the personal space.
  8. Click Add.
  9. In the BlackBerry UEM sidebar menu, click Groups.
  10. Select the Lookout (High Risk) group you created in Creating User Groups for Device State Sync and Enrollment.
  11. On the group page, click the + icon on the far right of the IT policy and profiles list and select Compliance.
  12. Select the Lookout High Risk profile and click Assign.

    Optionally, repeat these steps to add policies for Medium and Low Risk devices and assign them to the corresponding user groups. Configure the Enforcement action based on your company’s requirements.

Last updated: November 20, 2024

lookout-footer

Legal Privacy Policy Cookie Policy Transparency Report Compliance Info Compliance Info (Gov)

© 2024 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design® and the Lookout multi-color/multi-shaded Wingspan Design® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, and the 4 Bar Shield Design.