- You want to prevent iOS users from configuring the native mail client.
- A specific mail client does not meet security compliance for your company and you want to block users from using it.
- You want to explicitly whitelist all users utilizing a specific mail client.
It is possible to block the native email client from being configured on iOS devices that are supervised and running iOS 7+. If the device is not supervised and running iOS 7+, a compliance policy would have to be leveraged under Mobile Email Management. Both the Secure Email Gateway and PowerShell integration supports Device Type and Mail Client compliance restrictions.
In most instances, it is more appropriate to use the EAS Device Type policy as the device type generally maintains a simple generic format. The Mail Client policy should only be used in the most stringent of scenarios where the administrator has control over both application and platform versions.
Navigate in the AirWatch Console to Email > Compliance Policies
Click the pencil to edit the EAS Device Type policy
Click +Add Rule and specify the Device Type you want to use. Any device types already found via PowerShell or SEG will be populable options when Discovered is selected for the Client Type.Otherwise, select Customer to specify other device types.
AirWatch supports auto discovery of the following device types: iPad, iPhone, iPod, AWInbox/*, and AirWatchDroid.
Select the Action desired: Allow, Block, or Whitelist.
After completing the policy configuration, no action will be taken immediately. This policy will be evaluated with the following priority:
- SEG - after clicking Run Compliance or automatically after completing the hourly policy refresh.
- PowerShell - automatically on enrollment/profile push, or when clicking Run Compliance. Note again that AirWatch only support auto discovery of the above device types. Other device types will require polling Exchange via Sync Mailboxes for these details.