Modern mobile-device management requires balancing strict corporate security with user privacy and flexibility. COPE (Corporate-Owned, Personally Enabled) devices are designed specifically for this: the company owns and manages the device, while employees retain a personal space that remains separate and private.
Personal Usage Policies in Applivery MDM provide fine-grained control over what users can do in the personal profile of a COPE device—without compromising compliance, security, or the protection of corporate data. These policies let organizations clearly define which features, applications, and permissions belong to the user’s personal area, enabling a secure and productive environment that also respects employee privacy.
By using these controls, IT teams can adapt each COPE device to both corporate and personal needs, maximizing security and productivity while maintaining the personal freedom expected from modern work environments.
How to Access Personal Usage Policies #
Once in the Applivery Dashboard, go to any of your Policies (1) (under Device Management > Policies). From the left side menu go to Compliance (2) and scroll down to Personal Usage Policies (3).
Configuration options #
Account Types With Management Disabled #
Defines which account types should not be managed by MDM. This is typically used to enforce management only for corporate accounts, while keeping personal accounts completely outside IT control.
To add an account type, click + Add element and enter the account identifier.
Bluetooth Sharing (Allowed / Disallowed) #
Controls whether users can share content via Bluetooth from the personal profile. Useful for allowing or restricting file exchange in the private area of the device.
Camera Disabled #
Disables the camera in the personal profile.
Recommended for environments where taking photos or videos in personal mode could pose a security or confidentiality risk.
Max Days With Work Off #
Controls how long the work profile can remain turned off on a COPE device.
How it works?
- The value must be at least 3 days.
- Example: If set to 5, the user may disable the work profile for up to 5 consecutive days.
- If exceeded, the system may block access, restrict usage, or force reactivation based on company policy.
- A value of 0 disables the feature completely.
- Values under the minimum cause an error and are not applied.
When is it useful?
- Ensuring the device does not remain too long without corporate controls.
- Preventing users from keeping the work profile disabled indefinitely.
- Maintaining access to corporate apps, updates, and security requirements.
- Essential for organizations handling sensitive or regulated data.
Personal Applications #
Controls which apps may be installed inside the personal profile.
Each entry includes:
- Install Type: Whether the app is allowed or blocked.
- Package Name: The application’s identifier
This allows IT to authorize safe, approved apps while restricting unwanted or non-compliant ones.
Personal Play Store Mode #
Defines the level of access the user has to Google Play in the personal space:
- Blocklist Mode: All apps from Google Play are allowed except those explicitly marked as BLOCKED in Personal Applications. Useful when you want broad freedom but still block certain categories (e.g., risky apps, unverified messaging apps, etc.).
- Allowlist Mode: Only apps explicitly marked as AVAILABLE in Personal Applications may be installed. Everything else is automatically blocked. This is the most restrictive setting and ideal for highly controlled environments.
Private Space Policy (Allowed / Disallowed) #
Determines whether the user can create a private, independent space on the device. Useful for fully separating personal content from corporate data.
You can learn more abour Private Spaces on Android devices by following this link.
Screen Capture Disabled #
Prevents the user from taking screenshots in the personal profile. Useful when organizations want to avoid the spread or saving of sensitive information.
Why Personal Usage Policies matter #
These policy controls allow IT to define exactly what is allowed or restricted within the personal area of a COPE device. This creates the ideal balance between:
- Corporate security — protecting apps, data, and compliance.
- Employee privacy — giving users freedom in their personal profile.
- Operational efficiency — keeping devices productive and aligned with company standards.
Applivery enables granular control over accounts, app installation, camera and screenshot usage, file sharing, and how long the work profile can remain off—ensuring devices remain secure while also user-friendly.
Implementing Personal Usage Policies in COPE environments leads to:
- Safer and better-managed devices.
- Clear rules for employees.
- Easier COPE adoption across the organization.
- Greater clarity and control for IT teams.
- A balanced, secure, and user-respectful mobile ecosystem