# Policy Enforcement Settings

Use **Policy Enforcement Rules** to set custom actions for any top-level policy violation. Each rule contains the name of the policy setting (settingName), and must specify the number of days a device or work profile can remain out of compliance with the setting before it's blocked (blockAfterDays) and then wiped (wipeAfterDays).

* If a device or work profile fails to comply with any of the policy settings, **Android Device Policy** immediately blocks usage of the device or work profile by default.
* If the device or work profile remains incompliant after 10 days, Android Device Policy will factory-reset the device or delete the work profile.

### Best practices for custom compliance rules <a href="#best_practices_for_custom_compliance_rules" id="best_practices_for_custom_compliance_rules"></a>

* `blockAfterDays` and `wipeAfterDays` should be set to no greater than `30`.
* `wipeAfterDays` must be greater than `blockAfterDays`.
* To block device or work profile usage immediately, set `blockAfterDays` to `0`.

![](https://1920795617-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MAzePNJAKsgL6R-VtV2%2F-MBERu2EU1bN_SlWjYvr%2F-MBESAMI4WXFTfJLGCcj%2Fpolicy-enforcement.png?alt=media\&token=7e67808f-804b-4821-96ef-3e84645c29bd)