Protecting Kaspersky Endpoint Security for Android against removal

To protect mobile devices and comply with corporate security requirements, you can enable protection against removal of Kaspersky Endpoint Security for Android. In this case, the user cannot remove the app using the Kaspersky Endpoint Security for Android interface. When removing the app using Android operating system tools, you are prompted to disable administrator rights for Kaspersky Endpoint Security for Android. After disabling the rights, the mobile device will be locked.

On certain Samsung devices running Android 7 or later, when the user attempts to configure unsupported methods for unlocking the device (for example, a graphical password), the device may be locked if the following conditions are met: removal protection is enabled for Kaspersky Endpoint Security for Android and strength requirements are set for the screen unlock password. To unlock the device, you must send a special command to the device.

To protect the app from removal on devices running Android 7 or later, Kaspersky Endpoint Security for Android must be set as an Accessibility feature. When the Initial Configuration Wizard is running, Kaspersky Endpoint Security for Android prompts the user to grant the application all required permissions. The user can skip these steps or later disable these permissions in the device settings. If this is the case, the app is not protected from removal.

To enable protection against removal of Kaspersky Endpoint Security for Android:

1. In the main window of Kaspersky Security Center Web Console, select Assets (Devices) → Policies & profiles. In the list of group policies that opens, click the name of the policy that you want to configure.
2. In the policy properties window, select Application settings.
3. Select Android and go to the KES for Android settings section.
4. On the Configure access to app settings card, click Settings.

   The Configure access to app settings window opens.

5. Enable the settings using the Configure access to app settings toggle switch.

   The toggle switch in this card does not enable or disable the corresponding functionality on devices. Enabling the toggle switch lets you configure custom settings. Disabling the toggle switch lets you use default settings.

6. Clear the Allow removing the app from device check box.
7. Click OK.
8. Click Save to save the changes you have made.

Mobile device settings are changed after the next device synchronization with Kaspersky Security Center. If an attempt is made to remove the app, the mobile device will be locked.

Page top