Policy Configuration

Policies in Golain allow you to define security and management rules that are automatically applied to enrolled Android devices. This guide covers how to create, configure, and manage policies.

What are Policies?

Policies are sets of rules and configurations that control how Android devices behave in your organization. They can enforce security requirements, restrict certain features, configure applications, and more.

Policy Types

Golain supports various policy types through Android Management API:

Security Policies

• Password Requirements: Set password complexity, length, and expiration rules
• Screen Lock: Enforce screen lock timeout and lock screen requirements
• Encryption: Require device encryption
• Certificate Management: Install and manage certificates

Application Policies

• App Installation: Control which apps can be installed
• App Restrictions: Block or allow specific applications
• App Updates: Configure automatic app updates
• App Whitelisting/Blacklisting: Create lists of allowed or blocked apps

Network Policies

• Wi-Fi Configuration: Configure Wi-Fi networks automatically
• VPN Configuration: Set up VPN connections
• Data Usage: Monitor and restrict data usage

Device Restrictions

• Camera: Enable or disable camera access
• Bluetooth: Control Bluetooth functionality
• USB Debugging: Allow or restrict USB debugging
• Developer Options: Control access to developer settings
• Factory Reset: Allow or prevent factory reset

Creating a Policy

1. Log into the Golain management portal
2. Navigate to Policies section
3. Click Create New Policy
4. Enter a policy name and description
5. Configure policy settings (see sections below)
6. Click Save

Policy Configuration Options

Security Settings

Password Policy

Configure password requirements:

• Minimum Length: Set minimum password length (4-16 characters)
• Password Quality: Choose from None, Numeric, Alphabetic, Alphanumeric, Complex
• Password Expiration: Set password expiration period in days
• Password History: Prevent reuse of previous passwords

Screen Lock

• Lock Screen Timeout: Time before screen locks automatically (seconds)
• Lock Screen Type: Require specific lock screen types (PIN, Password, Pattern, etc.)

Encryption

• Require Encryption: Enforce device encryption
• Encryption Type: Specify encryption requirements

Application Management

Install Policy

• Allow Unknown Sources: Control installation from unknown sources
• Install from Play Store Only: Restrict to Google Play Store installations
• Approved Apps: List of apps that can be installed

App Restrictions

• Blocked Apps: List of apps that cannot be installed or used
• Required Apps: Apps that must be installed on all devices
• App Auto-Update: Configure automatic app updates

Network Configuration

Wi-Fi Settings

• Auto-Connect: Configure automatic Wi-Fi connection
• Wi-Fi Networks: Pre-configure Wi-Fi networks with credentials
• Wi-Fi Restrictions: Control which Wi-Fi networks can be used

VPN Configuration

• VPN Type: Configure VPN connection type (L2TP, PPTP, IPSec)
• VPN Server: Set VPN server address
• VPN Credentials: Configure authentication

Device Restrictions

Configure what users can and cannot do on their devices:

• Camera: Enable/disable camera access
• Bluetooth: Allow/restrict Bluetooth
• USB Storage: Control USB storage access
• Screenshot: Allow/restrict screenshots
• Location Services: Control location access
• Microphone: Enable/disable microphone access

Applying Policies

To Individual Devices

1. Navigate to Devices
2. Select a device
3. Go to Policies tab
4. Click Assign Policy
5. Select the policy to apply
6. Click Save

To Device Groups

1. Navigate to Device Groups
2. Select a group
3. Go to Policies tab
4. Click Assign Policy
5. Select the policy to apply
6. The policy will be applied to all devices in the group

Policy Priority

When multiple policies are applied:

• Device-specific policies take precedence over group policies
• More restrictive settings override less restrictive ones
• Policies are merged where possible

Policy Templates

Golain provides pre-configured policy templates for common scenarios:

Basic Security

A basic security policy with:

• Password requirements
• Screen lock timeout
• Basic app restrictions

High Security

Enhanced security policy with:

• Strong password requirements
• Encryption enforcement
• Strict app controls
• Advanced restrictions

Kiosk Mode

Policy for dedicated device use:

• Single app mode
• Restricted navigation
• Locked settings

Editing Policies

1. Navigate to Policies
2. Find the policy you want to edit
3. Click Edit
4. Modify settings as needed
5. Click Save
6. Changes are automatically applied to all devices using the policy

Policy Compliance

Checking Compliance

1. Navigate to Reports
2. Select Policy Compliance
3. View compliance status for all devices
4. Identify non-compliant devices

Compliance Status

• Compliant: Device meets all policy requirements
• Non-Compliant: Device violates one or more policy rules
• Pending: Policy is being applied

Best Practices

1. Start Simple: Begin with basic policies and add restrictions as needed
2. Test First: Test policies on a small group before applying organization-wide
3. Document Changes: Keep records of policy changes and reasons
4. Regular Review: Review and update policies regularly
5. User Communication: Inform users about policy changes

Troubleshooting Policy Issues

If policies are not applying correctly:

1. Check device connectivity status
2. Verify policy assignment
3. Review policy conflicts
4. Check device compatibility
5. See Troubleshooting Guide for more help

Next Steps

• Learn about Device Management
• Check Troubleshooting Guide for policy-related issues