Is there anything like iOS passcode policy whereby you get 60 minutes to change your passcode after which you are forced to set a device passcode? On android I can just skip the prompt to create a device passcode and it won't ask me at a later time to create one either thus leaving my device wide open.
That is a great suggestion but probably not very practical for our use case. Shame Android is still not really up to the standards of IOS when it comes to large scale enterprise deployments.
It shows it as installed yes but there is no way to force the setting of the passcode as a user can just press the home button to skip it or it could be surpressed during installation due to another service taking priority thus never showing the user the set device code screen. In an environment like mine with multiple users per device where each of these users handles extremely sensitive data this won't get me through any audits.
To be clear I am not using Knox or any OEM specific profiles.