Data Sharing profiles (UI)
Configuring the Data Sharing policy
Use a Data Sharing profile to set these options with the Data Sharing policy. (See Policy profiles for general information about managing policy profiles.)
Click Apps, then Android or iOS, then the app you want to secure. The App details screen appears.
Click the settings gear on the Data Sharing panel. The Policy details page appears, where you can create a new profile or edit an existing profile.
On the Policy details page, click + Data Sharing Profile to create a new profile, or click the View/Edit profile (pencil) icon next to an existing profile to edit it.
On the Data Sharing profile page, enter the Profile name and description, then select the desired policy options.
Copy Paste
See Data Sharing and Data Sharing copy and paste scenarios for more detail, particularly when apps are grouped.
Policy option | Description |
---|---|
Block copy between apps | Enable this option to prevent copying from the protected app. |
Block paste between apps | Enable this option to prevent pasting into the protected app. This option is only available if you have enabled Block copy. |
Drag and Drop (iOS only)
Policy option | Description |
---|---|
Block drag of content from secured apps | Enable this option to prevent copying by dragging from the secured app. |
Block drop of content into secured apps | Enable this option to prevent pasting by dropping into the secured app. This option is only available if you have enabled Block drag. |
Privacy screen
Policy option | Description |
---|---|
Block app screens from appearing in task switchers (iOS/Android) or screenshots (Android only) | Enable this option to present a privacy screen instead of the screen from a protected app in task switchers and other unauthenticated scenarios (as described in Data Sharing). |
Grouped apps
Policy option | Description |
---|---|
Share data created by the injectable with other secured apps | Enable this option to add an app to a group of affiliated apps. All apps secured with this setting share security data, that is, Local App Authentication, Secure Microtunnel, and Single Sign-On credentials, as well as Data at Rest encryption keys. Grouped apps do not need to have the same Data Sharing policy profile:
|
Preferred apps
This group of options defines the protected app's behavior when the app makes a request to open an external app, for example, to open a web site in an external web browser, or a document type within an app specific for that file.
Policy option | Description |
---|---|
Preferred apps | |
Block data sharing with all external apps | Enable this option to block the protected app from opening an external app. This means that the protected app cannot launch external apps to handle files and web links. Custom schemes (for example, social media sharing) are not blocked. |
Web Links | These options let you customize how the protected app handles web links.
|
Approved Apps | Use this section to identify apps that are explicitly trusted for data sharing. To select an app: Under Android or iOS, as appropriate, select an app from the menu (these are apps uploaded to the Policy Console), or select Custom to add another app. If you choose Custom, a text box appears next to the menu. Enter the package ID (of the form com.example.app). Click + App ID. The app is added to a list below the menu. Each entry in the list includes an X (to delete the app from the approved apps list) and up and down arrows to re-order the list by preference. To remove an app from the app list, click X next to the app name. Note: On Android, the protected app uses the approved app list in order to find a match for the data; it launches the first app from the list that is able to handle the shared data. On iOS, the user sees a list of approved apps that can open the data, so the order doesn't matter. |
When you are done configuring the profile, click Save changes. This profile is now available to use with any app.
Applying the Data Sharing policy
Click Apps, then Android or iOS, then the app you want to secure. The App details screen appears.
Under Policies to apply, click the triangle to expand the Data Sharing panel.
Select "Enable Data Sharing policy."
Choose the Data Sharing profile from the menu.
Click Apply policies.