Security - Microsoft Windows Phone 8.1
Select the required option Passcode or Restrictions and click 
Configure to add and 
Remove Configuration to delete the settings.
|
Passcode |
|
|
Setting |
Note |
|
Allow simple value |
Allow the use of repeating, ascending or descending character sequences such as 1111 or 1234 |
|
Passcode type |
Type of passcode that must be used: Any, Alphanumeric Password, Numeric PIN Password |
|
Minimum passcode length |
Minimum number of characters required for the passcode (4->16) |
|
Minimum number of complex types |
Minimum number (1 - 4 ) of character types that must be used. |
|
Maximum passcode age |
Days (1 - 730) after which passcode must be changed. If not set, then the password will never expire. |
|
Passcode history |
The number (1 - 50) of unique passcodes required before reuse. If not set, the user can re-use any existing password. |
|
Maximum grace period for device lock |
Maximum device lock grace period user is allowed to set on device: Not specified, 1 Minute, 3 Minutes, 5 Minutes, 15 Minutes, 30 Minutes, 1 Hour. If not set, password will be required when unlocking device always. |
|
Maximum failed attempts before wiping |
Number of incorrect passcode attempts (3 - 999) before all data on the device will be erased. If not set, then the device will never be wiped. |
|
Please be aware, if a device has multiple Passcode policies in place the strictest policy will be applied, regardless of whether this policy was set via the Dashboard |
|
|
Restrictions |
|
|
Option |
Notes |
|
WiFi |
|
|
Allow WiFi |
|
|
Allow internet sharing |
|
|
Allow auto connect to WiFi Sense hotspots |
|
|
Allow WiFi HotSpot reporting to Microsoft |
|
|
Allow manual WiFi configuration |
Allow connecting to WiFi networks outside of MDM server installed networks |
|
Connectivity |
|
|
Allow NFC |
|
|
Allow Bluetooth |
|
|
Allow data roaming |
|
|
Allow VPN roaming over cellular |
Allow the device to use VPN while roaming on cellular networks |
|
Allow VPN over cellular |
Allow the device to use VPN while using a mobile data connection |
|
Allow USB connection |
|
|
System |
|
|
Allow SD card access |
Enable or disable SD card usage |
|
Allow telemetry |
Allow the device to send telemetry information such as SQM (Software Quality Metrics) and Watson |
|
Allow location |
Allow location services |
|
Experience |
|
|
Allow copy and paste |
|
|
Allow screen capture |
|
|
Allow save as office file |
|
|
Allow sharing of office file |
|
|
Allow Cortana |
|
|
Allow sync my settings |
|
|
Accounts |
|
|
Allow Microsoft account connection |
Allow Microsoft account to be used for non-email related connection authentication and services |
|
Allow adding non Microsoft accounts |
Allow the user to add non-Microsoft email accounts |
|
Security |
|
|
Allow manual installation of root certificates |
Allow user to install root and intermediate certificates |
|
Enable BitLocker device encryption |
Once internal storage encryption is enabled, the phone automatically begins encrypting the internal storage with AES 128. and it cannot be turned off via this policy Please note, once encryption is enabled it cannot be reverted. |
|
Application Management |
|
|
Allow Store |
Allow User to access App Store |
|
Allow Developer unlock |
Allow user to developer unlock device |
|
Browser |
|
|
Allow Browser |
|
|
Camera |
|
|
Allow Camera |
|
|
Search |
|
|
Allow search to use location |
|
|
Allow saving of images from Vision search |
|
|
Lock Screen |
|
|
Allow action center notifications on lock screen |
|
|
Advanced Settings |
|
|
Allow user to unenrol from MDM |
Deselect to prevent users from unenrolling their device from the MDM service. Devices can still be unenrolled through the dashboard. |
|
Allow user to reset phone |
Prevent users from being able to reset the phone. A remote wipe can still be initiated from the dashboard or from Exchange |