You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/android-configure.md
+13-3Lines changed: 13 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -132,7 +132,7 @@ Admin Privacy Controls (MDM) Use the following steps to enable privacy.
132
132
133
133
4. On the Settings page, select **Use configuration designer** and then select **Add**.
134
134
135
-
5. Select the required privacy setting -
135
+
5. Select the required privacy setting
136
136
- Hide URLs in report
137
137
- Hide URLs in report for personal profile
138
138
- Hide app details in report
@@ -198,8 +198,10 @@ Defender for Endpoint supports vulnerability assessment of apps in the work prof
198
198
2. Give the policy a name; **Platform \> Android Enterprise**; select the profile type.
199
199
3. Select **Microsoft Defender for Endpoint** as the target app.
200
200
4. In Settings page, select **Use configuration designer** and add **DefenderTVMPrivacyMode** as the key and value type as **Integer**
201
+
201
202
- To disable vulnerability of apps in the work profile, enter value as `1` and assign this policy to users. By default, this value is set to `0`.
202
203
- For users with key set as `0`, Defender for Endpoint sends the list of apps from the work profile to the backend service for vulnerability assessment.
204
+
203
205
5. Select **Next** and assign this profile to targeted devices/users.
204
206
205
207
Turning the above privacy controls on or off won't impact the device compliance check or conditional access.
@@ -238,7 +240,9 @@ Use the following steps to turn on privacy for targeted users in the work profil
238
240
2. Give the policy a name, **Platform > Android Enterprise**, select the profile type.
239
241
3. Select **Microsoft Defender for Endpoint** as the target app.
240
242
4. In Settings page, select **Use configuration designer** and add **DefenderExcludeURLInReport** as the key and value type as **Integer**.
241
-
- Enter **1 to enable privacy**. The default value is 0.
243
+
244
+
Enter **1 to enable privacy**. The default value is 0.
245
+
242
246
5. Select **Next** and assign this profile to targeted devices/users.
243
247
244
248
Turning the above privacy controls on or off won't impact the device compliance check or conditional access.
@@ -277,7 +281,9 @@ Use the following steps to turn on privacy for targeted users in the work profil
277
281
2. Give the policy a name, **Platform > Android Enterprise**, select the profile type.
278
282
3. Select **Microsoft Defender for Endpoint** as the target app.
279
283
4. In Settings page, select **Use configuration designer** and add **DefenderExcludeAppInReport** as the key and value type as **Integer**
280
-
- Enter **1 to enable privacy**. The default value is 0.
284
+
285
+
Enter **1 to enable privacy**. The default value is 0.
286
+
281
287
5. Select **Next** and assign this profile to targeted devices/users.
282
288
283
289
Using this privacy control won't impact the device compliance check or conditional access. For example, devices with a malicious app will always have a risk level of "Medium".
@@ -291,8 +297,10 @@ Use the following steps to configure Disable sign-out:
291
297
2. Give the policy a name, select **Platform > Android Enterprise**, and select the profile type.
292
298
3. Select **Microsoft Defender for Endpoint** as the target app.
293
299
4. In the Settings page, select **Use configuration designer** and add **Disable Sign Out** as the key and **Integer** as the value type.
300
+
294
301
- By default, Disable Sign Out = 1 for Android Enterprise personally owned work profiles, fully managed, company owned personally enabled profiles and 0 for device administrator mode.
295
302
- Admins need to make Disable Sign Out = 0 to enable the sign-out button in the app. Users will be able to see the sign-out button once the policy is pushed.
303
+
296
304
5. Select **Next** and assign this profile to targeted devices and users.
297
305
298
306
> [!IMPORTANT]
@@ -308,6 +316,7 @@ Use the following steps to configure the Device tags:
308
316
2. Give the policy a name, select **Platform > Android Enterprise**, and select the profile type.
309
317
3. Select **Microsoft Defender for Endpoint** as the target app.
310
318
4. In Settings page, select Use configuration designer and add **DefenderDeviceTag** as the key and value type as **String**.
319
+
311
320
- Admin can assign a new tag by adding the key **DefenderDeviceTag** and setting a value for device tag.
312
321
- Admin can edit an existing tag by modifying the value of the key **DefenderDeviceTag**.
313
322
- Admin can delete an existing tag by removing the key **DefenderDeviceTag**.
@@ -317,6 +326,7 @@ Use the following steps to configure the Device tags:
317
326
318
327
> [!NOTE]
319
328
> The Defender app needs to be opened for tags to be synced with Intune and passed to Security Portal. It may take up to 18 hours for tags to reflect in the portal.
329
+
320
330
## Related articles
321
331
322
332
-[Overview of Microsoft Defender for Endpoint on Android](microsoft-defender-endpoint-android.md)
0 commit comments