Thursday, December 7, 2023

Updated grace periods for resolving policy violations in managed iOS devices

What’s changing 

Ensuring only managed applications can access sensitive information is vital to security. Currently, when admins make a policy change that results in an app going from unmanaged to managed, if a policy violation is detected, a 24-hour grace period is given to users to comply with the change. After this grace period, users will lose the ability to access their Google Workspace account. 


Moving forward, we’re adjusting a few components to how this grace period operates to boost compliance and prevent inadvertent circumvention. Specifically:

Grace Period 

Situation

Next Steps



None 

-The managed apps policy violation is detected during the device enrollment.

-The managed apps policy violation by an app is detected after 24 hrs from the moment the admin changes the policy.

Users will be prompted to install the app from the Google Device Policy app for IOS or they will lose access to Google Workspace.

Visit the Help Center to learn more.


24 hours

The managed apps policy violation by an app is detected within the 24hrs from the moment the admin changes the policy. 



Who’s impacted

Admins and end users


Why it’s important

Improving these safeguards helps ensure that  only managed applications can access sensitive organization information. If the managed applications do not meet the requirements of the access policies set by admins, managed application access to Workspace data is deactivated until users take the proper steps.


Getting started


Rollout pace

Availability

  • Available to Google Workspace Frontline Starter and Frontline Standard, Business Plus, Enterprise Standard and Enterprise Plus, Education Standard and Education Plus; Enterprise Essentials and Enterprise Essentials Plus and Cloud Identity Premium customers

Resources