Unwanted App rules in SEP Mobile let the organization's administrator assign a risk level to applications deemed not appropriate for enrolled devices. Users who install an Unwanted App are then alerted that the app is blacklisted per company policy and prompted to remove the app in question.
When an Unwanted App is assigned a High risk level, devices are marked as noncompliant while the app is present (assuming a default Mobile Security Compliance Policy is in place), and the device can then be prevented from accessing company resources until the Unwanted App is removed.
Creation of Unwanted App rules is covered in detail in the following Techdoc article:
Defining the criteria for determining an app as unwanted
The purpose of this article is to provide a quick, step-by-step guide to implementation of Unwanted App rules based on their bundle ID (iOS) / package name (Android). We will use the TikTok app in this example.
On Android devices, the SEP Mobile app can natively perform app analysis, so this guide applies to all SEP Mobile environments with enrolled Android devices. On iOS, however, SEP Mobile relies on an integration with an MDM provider to supply installed app data via iOS app sync in order to perform app analysis. Unwanted App rules can therefore be used only for iOS devices enrolled in an MDM-integrated environment.
1.) Begin by obtaining the bundle ID for iOS, or the package name for Android, of the app to be marked as high risk:
2.) In the SEP Mobile Management Console (MC), go to Settings and then Apps. Mouse over the last rule in the list and click on the + (plus) symbol, then select the option to "Add iOS and iPadOS apps definitions".
3.) In the "Classify iOS apps as" field, type the name to be used for this Unwanted App classification. For this example, the generic name "Unwanted iOS App" is used. Then select the risk level of the Unwanted App. For this example, "High risk" is selected, as that will cause devices detected with this app to be marked as noncompliant using a default Mobile Security Compliance Policy.
4.) Click the + (plus) sign in the middle section labeled "Add app rules for the classification above".
5.) Click the "Please select" dropdown, then in the search field enter "bundle" and select the "Bundle ID is one of the following:" App identifier criteria.
6.) Input the bundle ID of the app to be marked as High risk. Note that the Simulation button can be used to provide administrators with a report on the number of affected devices prior to implementation of the new rule.
7.) When ready to implement the rule for production, click Apply Changes at the top of the page.
8.) To add Android definitions for the same app as Unwanted, simply repeat steps 2 through 8, with the following changes to be aware of:
Please note that it is also possible to associate the Medium Risk or Low Risk level with an Unwanted App classification. With default Mobile Security Policy Control settings in place, detection of a Medium or Low risk app would not result in the device becoming noncompliant. Instead, administrators can use this method to provide an informational prompt to the user, explaining that the app is blacklisted and requesting that they remove it.
Unwanted Apps detected on enrolled devices will be reported in the MC for administrators to review.
Using the Selective Resources Protection as a compliance enforcement
https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-protection-mobile/1-0/Security-Settings/using-the-selective-resources-protection-as-a-comp-v130285821-d4221e4337.html
Defining noncompliant devices and mobile compliance policy
https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-protection-mobile/1-0/Security-Settings/defining-noncompliant-devices-and-mobile-complianc-v131860172-d4221e3919.html