Re: Rules based on device ownership

gordon_may · 02-22-2023 03:48 AM

I want to be able to report on when staff use non-company owned devices, but the rule condition "device ownership is company owned" yeilds no results. The event log doesn't seem to record that field.

Ultimately I am trying to work towards applying Chrome policies to those who use BYOD, but can't work out how to do that.

ajojose33333344

@gordon_may Have you enrolled your devices already?

gordon_may

Yes, they are enrolled

emreknlk

Hi, are you referring to Chrome browser policies or Chrome OS policies? If it is former, are you trying to do these for Android devices?

gordon_may

I am referring to Chrome browser on computers (i.e. not on mobiles since we have MDM to control that already).

newman

Would just exporting the device list work? It states if the device is company owned or user owned. You can also filter for user-owned only.

gordon_may

That will only give me a point-in-time status. I want to ensure that whenever someone logs into a Chrome browser with an organisation account on their personal device I get a trigger which I can do something with.

newman

With the investigation tool, you can be notified hourly. It allows you to create an activity rule to notify you if it happens, and you could also choose to block or approve the device.

With context-aware access you can prevent access to any individual (or all) applications based on user vs company owned devices. However, it doesn't sound like you are trying to block access it sounds like you want to just apply different policies on personal devices. Out of the box, I'm not sure if this is something you can do.

gordon_may

Thanks. I haven't been able to get anything to notify me because i can't find an event to use which operates depending on device ownership. The device ownership log only shows 'adding a corporate device' as an event, not actually doing something on the device.

newman

I think this is going to be the closest you can get.