Windows-specific MDM policies available in Swif

Policy

What it controls

Supported Min. OS

BYOD Compatible

AppLocker Policy

Create allow/deny rules for EXE, MSI, Script, and Packaged apps. Learn more →

Pro 10 + / Enterprise 10 + / Education 10 + / SE 10 + / LTSC 10 +

Yes

BitLocker Auto Policy

One-click silent BitLocker enable/disable (no advanced options). Learn more →

Windows 10 +

Yes

Certificate Install (SCEP/PKI) Policy

Push user/computer certs (PFX, SCEP) & trust anchors. Learn more →

For example, push Okta's SCEP certificate. Learn more →

Windows 10 +

Yes

SCEP Certificate Policy

SCEP profile for auto-enrolling certificates. Learn more →

For example, push Okta's SCEP certificate. Learn more →

Windows 10 +

Yes

Connectivity Policy

WLAN/LAN proxy, metered-network flag, tethering, hotspot. Learn more →

Windows 10 +

Yes

Cron Policy

Set every X days to restart a device or set EOD of X date to restart a device. Learn more →

Windows 10 +

Yes

Defender Policy

Real-time protection, cloud heuristics, engine updates, and exclusions. Learn more →

Windows 10 +

Yes

Edge Extension Deployment Policy

Force-install / block Edge add-ons. Learn more →

Windows 10 +

Yes

Firefox Extension Deployment Policy

Force-install / block Firefox add-ons. Learn more →

Windows 10 +

Yes

Google Chrome Extension Deployment & Blocking Policy

Force or block Chrome Web Store extensions. Learn more →

Windows 10 +

Yes

Google SSO Policy

Configure Google Workspace login at the Windows lock screen. Learn more →

Windows 10 +

Yes

Login Message Policy

Custom legal banner title & body before sign-in. Learn more →

Windows 10 +

Yes

Microsoft Remote Desktop Policy

Allow RDP, network-level auth, encryption, and clipboard rules. Learn more →

Windows 10 +

Yes

Password Policy

Length, complexity, history, and grace period rules. Learn more →

Windows 10 +

Yes

PIN Policy

Windows Hello for Business PIN length, complexity, and expiration. Learn more →

Windows 10 +

Yes

Power Policy

AC/DC sleep, lid close, hibernate, display timeout. Learn more →

Pro 10 + / Enterprise 10 + / Education 10 + / SE 10 + / LTSC 10 +

Yes

Radius (802.1X) Policy

PEAP/MS-CHAPv2 or EAP-TLS wired, Wi-Fi, and VPN profiles. Learn more →

Windows 10 +

Yes

Remote Desktop (Splashtop) Policy

Initiate an on-demand RDP session from the Swif console. Learn more →

Windows 10 +

Yes

Settings Policy

Disable Auto Play. Learn more →

Pro 10 + / Enterprise 10 + / Education 10 + / SE 10 + / LTSC 10 +

Yes

Shared PC Policy

Shared-PC mode, guest account lifetime, and local storage limits. Learn more →

Windows 10 +

Yes

Software Update Policy

Quality & feature update deferral, automatic reboots, and bandwidth. Learn more →

Windows 10 +

Yes

Tracking Policy

USB port and Device lock. Learn more →

Windows 10 +

Yes

Taskbar Policy

Specifies the list of applications that should appear pinned to the Windows taskbar. Learn more →

Windows Pro 10+

Windows Enterprise 10+

Windows Education 10+

Windows SE 10+

IoT Enterprise / IoT Enterprise LTSC 10+

Yes

USB Policy

Allow/block removable storage, set read-only, specify device IDs. Learn more →

Pro 10 + / Enterprise 10 + / Education 10 + / SE 10 + / LTSC 10 +

Yes

User Authorization Policy

Local account creation, admin elevation, and guest enable/disable. Learn more →

Windows 10 +

Yes

VPN Policy

IKEv2, L2TP, SSTP, Automatic, Always-On VPN profiles. Learn more →

Windows 10 +

Yes

Wi-Fi Policy

WPA2/WPA3 Enterprise & PSK network profiles. Learn more →

Windows 10 +

Yes

Windows Security Logger Policy (AI Security Report)

Vulnerability scanning Learn more →

Windows 10 +

Yes