Endpoint Services, Workspace ONE, Default Device Security Settings

Systems

Workspace ONE Unified Endpoint Management (UEM)

Affected Customers

University of Illinois IT Pros leveraging Technology Services Endpoint Service Workspace ONE UEM

Actions

• General Information
• iOS Security Profile
• Android Security Profile

General Information

iOS and Android devices enrolled into Workspace ONE are subject to the default security profiles outlined below. If you would like to request an exception, please submit a help request with full details and a business justification for the exception.

Enrolled macOS and Windows devices are not subject to a default security profile at this time.

iOS Security Profile

The default iOS security profile contains the following device settings:

• Require Passcode on Device
• Allow Simple Value
• Minimum Passcode Length = 4
• Maximum Passcode Age (days) = 90
• Auto-Lock (minutes) = 5
• Passcode History = 5
• Grace period for Device Lock (minutes) = 15
• Maximum Number of Failed Attempts = 10

Android Security Profile

The default Android security profile contains the following device settings:

• Minimum Passcode Length = 4
• Passcode Content = Any
• Maximum Number of Failed Attempts = 10
• Grace period for Passcode Change = immediately
• Maximum Passcode Age (days) = 90
• Passcode History = 10
• Device Lock Timeout Range (minutes) = 10
• Enable Passcode Visibility
• Allow Fingerprint Unlock
• Require Storage Encryption (Always)
• Require SD Card Encryption
• Require Passcode
• Lockscreen Overlay Disabled

---

Contact the EPS team

Show me... All Endpoint Services KB pages All of the CrowdStrike KB pages All of the Multi-Tenant Munki KB pages All of the MECM KB pages All of the Workspace ONE pages