Knowledge Base

Policies allow TeamViewer's Mobile Device Management (MDM) solution to define requirements for devices, as well as what will happen if a device does not comply with the set requirements. Each policy consists of a set of rules and a compliance action (what happens if the rule is violated).

How to access MDM policies

Accessing the MDM policy portal is done within TeamViewer Remote or the Web app. To begin, navigate to the Remote Management tab and select Go to Settings, found under the Mobile Device Management section.

To manage or alter policies, select Manage Policies at the upper right corner of the settings window. This will redirect you to the Ivanti portal.

📌Note: If you cannot see the Policies page, it might be that you do not have the required permissions. Viewing of the portal requires the Device Managment and Device Read-only roles.

How to create MDM policies

Once in the Ivanti portal, admins can create a new policy by clicking the + Add button in the upper right corner.

When creating any policy, a checkbox is found at the bottom of the window that must be selected in order to proceed. This ensures the admin is aware that any previous policy settings will be reset once the new policy takes place.

💡Hint: When creating a new policy, it is recommended to set the policy only with the "Monitor" compliance action for an evaluation period. The policy can then be checked over a period of a few days to be sure it is not matching devices in a way that is not intended.

Tiered Actions

When the policy is created it will begin monitoring, showing the impact on devices. Adding additional actions allows policies to fall into compliance by defining security preferences in the form of rules. You can add actions now, or after you have evaluated any violations.

💡Hint: Adding the action Wait in between other actions provides a way to allow device users to remediate their device and get it back in compliance before additional actions are taken. As an example, you may want to send a warning message and wait 24 hours before applying a quarantine action.

How to edit/delete MDM policies

The Actions column provides both options for editing or deleting an MDM policy.

Types of MDM policies

💡Hint: Regardless of policy type, all policies provide the ability to be notified when the device comes back into compliance!

TeamViewer MDM policies provide complete control in many situations. Within the policy, you can also set multiple parameters. We currently provide the following MDM policy parameters:

Compromised Devices

The Compromised Devices policy allows TeamViewer to take action if a compromised device (jailbroken iPhone or rooted Android device) is detected. When detected, TeamViewer can take the following actions:

1. Do Nothing

TeamViewer will take no actions. Compromised devices will appear in the Dashboard.

2. Send Notification

TeamViewer will send an email or push notification to the affected device/user; can also send both. The policy provides a subject and body text field where you can enter the default message to be sent during an occurrence.

3. Wait

TeamViewer will take no action for a set period of time. Once the time has expired, the next action set in the policy will occur.

💡Hint: To add multiple actions to a policy, click the blue + icon to the right of the currently applied action.

4. Restart Device Once

The affected device will be forced to restart once. If any actions have been added after this occurs, the next action will occur once the device is back online.

5. Quarantine

The affected device will be quarantined based on the provided parameters, including the ability to remove applications and configurations, as well as stop specific device actions.