Restrictions configuration (Knox container profile)

With the Restrictions configuration you configure restrictions and related settings for the Knox container of Samsung devices.

Setting/Field

Description

Allow screen capture

Users can capture the screen content of apps inside the Samsung Knox container.

Allow camera

Apps inside the Samsung Knox container can access the camera.

Allow clipboard

Users can copy any contents to the clipboard.

Allow "Share via"

The Share via feature that certain apps use is turned on.

Allow microphone

Apps inside the Samsung Knox container can access the microphone.

Enforce the use of the secure keypad

Users must use the secure keypad.

Allow addition of new email accounts

Users can add email accounts beyond the accounts that are configured by a Sophos Mobile profile.

Allow data export

Private apps can access data from within the Samsung Knox container.

Allow copying files into the container

Private files can be copied or moved into the Samsung Knox container.

Allow Bluetooth

Apps inside the Samsung Knox container can use Bluetooth connections.

Allow NFC

Apps inside the Samsung Knox container can use NFC (near-field communication) connections.

Enforce multi-factor authentication

More than one authentication method is required to unlock the Samsung Knox container, for example password and fingerprint.

Allowed apps / Forbidden apps

You can configure either Allowed apps or Forbidden apps. Select the desired option from the first list and then select the app group containing the apps that should be allowed or forbidden from the second list.

App installations initiated by the Sophos Mobile server are not restricted by this setting.

For information on creating app groups, see App groups.