Add policies in Admin Center to automate how your organization governs Meta Quest devices
This article is only applicable to admins with relevant permissions.
When you create a policy in Admin Center, you choose which actions are automatically taken if certain conditions are detected on a Meta Quest device in your organization. This helps you protect your organization from malware or other security threats.
There is no maximum limit to the number of policies you can create.
Note: You can only create policies for devices that are managed in Admin Center. You cannot create policies for devices that are managed by a third-party device manager.
To add a policy:
- Click
Policies in the left menu of Admin Center.
- Click Add policy in the top right.
- Enter a name for the policy. You can also choose to add a description. Click Next.
- Choose your condition from:
- If root access or jailbreak is detected
- If bootloader is unlocked
- If verified boot is not successful
- If malware is detected
- If passcode complexity doesn’t meet requirements or is less than low, medium or high
- If passcode is not set
- If OS update is not current or is more than a certain number of days overdue
- You can click Add condition for another condition. You can choose whether this is in addition to the condition above (and), or an alternative to it (or).
- When you’ve created your condition(s), click Next.
- Choose which actions are taken when the above conditions are detected on devices, from:
- Wipe devices
- Remove organization-issued certificates
- Remove organization-issued networks
- Require reauthentication – if you add this as an action, then you need to set the authentication interval.
- When you’ve selected the action(s), click Next.
- Choose whether you want all admins with relevant permissions to be notified by email whenever the policy is triggered, and whether you want people using affected devices to receive an in-headset notification. Click Next.
- Find out more about reviewing security and policy trigger alerts in Admin Center.
- Choose which device groups, managed devices, people and/or people groups you want this policy to apply to. Click Next.
- Click Activate policy, then confirm you want to activate the policy.
- If you cannot click Activate policy, check that there are no empty conditions – that is, if you clicked Add condition but did not add details. You can click
Delete to the right of a condition to delete it.
- If you cannot click Activate policy, check that there are no empty conditions – that is, if you clicked Add condition but did not add details. You can click
When creating a policy, you can also click Save and exit. You can return to creating this policy later by clicking 
Options to the right of it in Policies then selecting Edit policy. You can also select Activate policy from here, so that the policy takes effect for all assigned people, devices and groups.
Options to the right of it in Policies then selecting Edit policy. You can also select Activate policy from here, so that the policy takes effect for all assigned people, devices and groups.Learn how to edit, deactivate or delete policies created in Admin Center.
