Category filter
How to Blacklist / Whitelist Apps on Windows Devices
Some situations demand organizations keep track of the apps used by the endpoints to determine the presence of any insecure apps on corporate devices. Hexnode UEM lets you build either a blacklist or a whitelist of apps, which helps identify unwanted apps on the device. In addition, it enables the administrators to take remedial actions so that the users do not access any untrusted apps from corporate devices.
- This feature is available only on Ultimate and Ultra subscription plans.
- Blacklist/Whitelist policy is supported only on Windows 10 devices.
App Blacklisting
- Login to your Hexnode MDM portal > Navigate to Policies tab > Click on New Policy to create a new one or click on any policy to edit an existing one > Enter the Policy Name and Description in the provided fields.
- Go to Windows > From App Management, choose Blacklist/Whitelist > Click on Configure.
- Choose Blacklist as the Type > Click on +Add button > Choose either Add App or Add Group.
- On selecting Add App,
From Local Apps, search and select the required apps > Click Done.Or
Select Public Store to install apps directly from the public app store > Search and select the required apps > Click Done.On selecting Add Group,
Search and select the required app group(s) > Click Done. - Navigate to Policy Targets > Click on +Add Devices > Select the target devices > Click OK > Save.
To associate the policies to a device group, select Device Groups from the left pane under Policy Targets, and follow the above instructions. Similarly, you can associate the policy to Users, User Groups, or Domains from the same pane.
On applying the Blacklist policy to Windows device(s)
The device will be marked as non-compliant if any of the blacklisted apps are present on the device. The device summary page shows the exact number of blacklisted apps present on the device.
Navigate to Admin tab > General Settings > Compliance Settings > Enable the option Device is not application compliant. The device will not be marked as non-compliant unless you’ve enabled this option.
App Whitelisting
- Login to your Hexnode MDM portal > Navigate to Policies tab > Click on New Policy to create a new one or click on any policy to edit an existing one > Enter the Policy Name and Description in the provided fields.
- Go to Windows > From App Management, choose Blacklist/Whitelist > Click on Configure.
- Choose Whitelist as the Type > Click on +Add button > Choose either Add App or Add Group.
- On selecting Add App,
From Local Apps, search and select the required apps > Click Done.Or
Select Public Store to install apps directly from the public app store > Search and select the required apps > Click Done.On selecting Add Group,
Search and select the required app group(s) > Click Done. - Navigate to Policy Targets > Click on +Add Devices > Select the target devices > Click OK > Save.
To associate the policies to a device group, select Device Groups from the left pane under Policy Targets, and follow the above instructions. Similarly, you can associate the policy to Users, User Groups, or Domains from the same pane.
On applying the Whitelist policy to Windows device(s)
The apps that are not whitelisted will be treated as blacklisted, thus marking the device non-compliant.
Navigate to Admin tab > General Settings > Compliance Settings > Enable the option Device is not application compliant. The device will not be marked as non-compliant unless you’ve enabled this option.
