Create a Compliance Policy

Create a compliance policy to automatically flag devices based on criteria and enforce actions on non-compliant devices.

Before you begin

Make sure that you have the View Compliance Policies and Manage Compliance Policies permissions enabled. See General Permissions for details.

About this task

Use compliance policies to flag devices that meet specified criteria and to perform automatic actions on non-compliant devices.

Procedure

To create a new compliance policy:
  1. From the SOTI MobiControl main menu, select Policies > Compliance.
  2. Select New Compliance Policy to launch the Create Compliance Policy wizard. See Create/Edit Compliance Policy for details.
    Image of the Create Compliance Policy screen with Android, Apple, Windows, and Linux selections.
  3. Select the device type for this compliance policy. You must create separate compliance policies for each device type, as settings vary. Supported types include:
    • Android
    • Apple (macOS configuration requires SOTI MobiControl version 15.5.2 and later and macOS Agent 15.2.1 or later)
    • Windows
    • Linux
  4. Enter a name and description for the compliance policy, then select Next.
  5. In the Criteria section, set the compliance status as:
    • Compliant
    • Non-Compliant
    Then, define the matching device criteria in the Search field. Select the relevant device properties and extended properties to determine which devices receive the selected compliance status.
    Note: The compliance policy filter uses the same search functionality as the Devices view but supports fewer properties. You can combine properties using Boolean operators, which vary by device type. macOS and iOS share a common criteria list. See Create/Edit Compliance Policy for details on supported criteria.

    Learn more about crafting advanced filters at Searching With Properties.

  6. Under Actions for Non-Compliant Devices, select Add to specify the actions SOTI MobiControl should perform on non-compliant devices. If you do not add any actions, non-compliant devices are only flagged in the console without further action.
  7. Select an action type from the dropdown list. The available options change depending on the selected action. For a complete list of supported actions, see Compliance Policy Actions.
  8. Configure the action and select Add Action. You can add multiple actions to a compliance policy.
    You can set actions to execute as soon as a device becomes non-compliant or delay the actions for a specified time.
  9. Select Save to save the compliance policy without assigning it to any devices or Save and Assign to proceed straight to assigning it.

Results

The new compliance policy appears in the Compliance Policies view. From here, you can edit the policy, assign it to additional device groups, or review its criteria and actions. Assigned policies automatically evaluate devices and apply the defined compliance actions when a device no longer meets the set criteria.

What to do next

Assign the compliance policy to devices.