Malware scanning behavior by activation type

The scope of the malware scan depends on the user’s activation type:

Activation type	Scope of malware scanning
Android Enterprise : Work and personal - user privacy ( Android Enterprise with work profile)	Apps in the work profile only
Android Enterprise : Work and personal - full control ( Android Enterprise fully managed device with work profile)	Apps in the work profile only
Android Enterprise : Work space only ( Android Enterprise fully managed device)	All apps on the device
MDM controls	All apps on the device (work and personal)
User privacy	All apps on the device (work and personal) The UEM Client or a BlackBerry Dynamics app must be installed on the device The user is prompted with a request to allow malware scanning on the device. If the user does not accept, malware scanning does not occur and the user's device is considered out of compliance.
Samsung Knox (all types)	Apps in the Knox work space only

For user privacy activation types, the name, package name, and hash of malicious apps are partially obfuscated in the management console,

UEM

logs, and device logs for privacy purposes. For fully managed devices, you can view the full details of malicious apps in the management console. For more information about data collection for different activation types, visit support.blackberry.com/community to read article 60890 (note that you require a

BlackBerry Online Account

and an active support entitlement to view KB articles).

Section:

Detecting malware on Android devices