Restrictions Policy

With restriction profiles, you can control (enable or disable) many device capabilities of corporate devices and prevent many potential security threats. This prevents end users from using certain device features, such as using the camera. This is supported on MacOS, iOS, iPadOS, Android, and Windows.

About this task

To create a restrictions policy, complete the following steps.


  1. From the WebUI main page, select Apps > MCM.
  2. On the Modern Client Management page, on the right side corner, click the Create Policy button.
  3. From the list of policy types, select Restrictions. The following page appears.
  4. In the Generic Settings section, do the following:
    1. Enter name and description of the policy.
    2. Select operating system.
    3. All operating systems have specific set of restrictions policies. Navigate to the specific settings for each of the operating systems selected on the left side navigation panel. Once there, you can set the operating system specific settings for your restrictions policy.
    4. In the Assign Policy to Site dropdown, select Master action site.
  5. Click Save. The restriction policy is created.

    You can verify your policy and can click Deploy Policy to deploy it to selected devices.


A restriction policy is created for the selected operating system with the configured settings.

What to do next

Add the created restriction policy to a policy group to deploy onto the eligible devices.