I'd realized that users registred to McAfee EMM can easily deactivate the McAfee EMM Service running in background of Android Smartphones.
They can receive eMails and are listed as compliant. I know, that Android users are normally listed twice. Without that service, there is only one device listed.
Is it possible to mark these people completely as non compliant and stop the possibility of receiving eMails?
Yes the same problem exists on iOS. Users can uninstall the app, bypassing jailbreak detection, and still function as compliant. Support tells me this is by design to which I call BS. It says clearly in the product guide:
About device compliance
Device compliance is determined based on the following predefined parameters.
A device is considered compliant if the following is true:
•The device has the current version of the McAfee EMM software installed.
•The device has the current security policy installed.
•The iOS device has the correct device certificate that was issued during provisioning.
A device is considered noncompliant if one or more of the following is true:
•The device does not contain the McAfee EMM software.
•The security policy has been updated and the device does not yet have the new policy.
•The device has not checked in since the software or security policy was last updated.
•The device has been hard-reset because of a company policy, and the device no longer contains the McAfee EMM software.
•The device has been jailbroken (iOS) or rooted (Android).
What version are you on?
We're on 10 as well. I don't recall this happening in previous versions but I also don't recall trying so... Anyway 10.1 should be GA very soon.