When you manage your mobile fleet with an enterprise mobility or mobile device management solution, there might be requirements to respect the privacy of data being collected. When you manage mobile devices, your devices are reporting by default the full installed application list with managed and non-managed applications to your management server and depending on your organization rule set for device privacy, you might want to customize the default device privacy settings to suit your organization's needs and exclude non-managed applications. Before we will start with this customization, we want to provide you an information about the places where to find installed applications. In general, three places are available to review installed applications:
- In the device overview under the category application list
- In the managed applications section in the device overview behind the actions button
- In the Dashboard tab under the Application Summary
Now let us review what applications are shown by default:
|Application List in Device Overview||All managed and non-managed installed applications|
|Managed Application List||Only managed application|
|Application Summary||All managed and non-managed installed applications|
Before we will proceed with this guide, we recommend first to take notes or screenshots of the three above mentioned sections before changing the device privacy, as we want to configure now that the application lists should only contain managed applications for all roles including administrators. And for this, it might be useful to review directly the differences.
The Application Summary allows you distinguish between the available platforms and device types, and it allows to export the installed application list summary in a *.xlsx format, where you can easily review installations.
After taking the final notes, let us now configure the device privacy.
Configure Device Privacy
With Silverback you can exclude non-managed installed applications from the device overview application list and from the application summary. As the Managed Application view shows only managed applications, the list will be kept untouched and managed applications will become the only application type shown in the application summary. You have the options to hide the personal installed application list by ownerships and in addition you can the define minimum role to view the full application list. To configure the device privacy, perform the following steps:
- Open to your Silverback Management Console
- Login as an Administrator
- Navigate to Admin
- Select Console Permissions
- Switch to the Device Privacy tab
- Here you have the following options:
|Enable Application List Privacy||
||When enabled, you can configure that e.g., not managed apps are not visible for Administrators or Help Desk users in the device overview. This will increase privacy for end users.|
|Application List Privacy for Ownership Type||
||Defines the scope for the application list privacy. If personal devices is selected, non managed applications will not be visible for devices flagged with a personal ownership. If Corporate and Personal is select, non managed application will not be visible for both Ownership types.|
|Minimum Role Allowed to View Application List||
||Defines which minimum role has the ability to view the installed application list on devices. If Helpdesk is selected, all three listed roles will have access. If Super Helpdesk is selected, the Super Helpdesk and Administrator role is eligible to view the non-managed application lists.|
- Now Enable the Application List Privacy checkbox
- Select the Scope for the Ownership Type
- Define the Minimum Role and press save
- Confirm with OK
When the device privacy configuration is completed, review now all three places and compare it with your notes. You should see now for the scoped devices an empty application list in the device overview and the application summary should have changed the view. In addition to that, the export should contain less applications. Ensure you are logged in with the specific roles, which should have been target with the changes.
|Application List with disabled Device Privacy||Empty application list with enabled Device Privacy|
|The application summary contains non-managed applications||The application summary contains now only managed applications|
|The application summary export contained over 100 entries.||Now the application summary export contains only managed applications with less entries.|
|The managed application list shows all managed applications||And here the application list is showing all managed applications|
When selecting the View All button, the count for applications will remain the same after enabling the device privacy. For Instagram as an example the count is 1, which indicates that application is installed one time in your device fleet.
But the export for this application will be empty.