Protect corporate data on mobile devices
As a G Suite administrator, you can help protect corporate data on users’ personal mobile devices and on your organization’s company-owned devices by enrolling the devices for management. Users get secure access to their G Suite email, apps, documents, and more. You can set and monitor policies to keep the devices (and data) safe.
Make sure devices are protected
Protect data on managed mobile devices by making sure that users set a screen lock or password for their device. You can define a password type and strength, specify the minimum number of characters, and more. If a password doesn’t meet your requirements, corporate data will stop synchronizing to the device. For details, see Apply password settings for mobile devices.
Wipe corporate data from missing devices
Mobile devices can store corporate information and give access to a user’s G Suite account. If a device goes missing or an employee leaves your organization, you can remotely wipe corporate data from the device. You can also give users the option to wipe their own devices. For details, see Remove corporate data from a mobile device.
Make sure Android devices are encrypted
Encryption stores data in a form that can be read only when a device is unlocked. Unlocking the device decrypts the data. This adds protection if a device is lost or stolen. You can require device encryption on Android 3.0 Honeycomb and later devices. For details, see Require device encryption.
Apply device restrictions
You can restrict how users share and backup data on Android and Apple® iOS® devices. For example, on Android, you can prevent USB file transfers and on iOS devices, you can stop backups to personal cloud storage. You can also restrict access to some device and network settings. For example, you can turn off the device’s camera and prevent Android users from changing their Wi-Fi settings. For more information, see:
- Apply settings for Android mobile devices
- Apply settings for iOS mobile devices
- Apply advanced settings
Block compromised devices
Stop a user’s G Suite account from syncing with Android devices that might be compromised. A device becomes compromised when it’s rooted—a process that removes restrictions on a device. Compromised devices can indicate a potential security threat. For details, see Block compromised devices.
Block noncompliant devices
When a device falls out of compliance with your organization’s policies, access to certain work apps is automatically disabled. For example, if you enforce a new minimum password length of 6 characters and a user’s existing device password is only 5 characters, then the device is no longer compliant with your password policy. You can set up additional rules to stop noncompliant devices from syncing corporate data. For details, see Device compliance status and Automate mobile management tasks with rules.