1. On the console, go to Home > Mobile Security > Overview and Reports > Device Compliance .
2. The Non-Compliant Devices Details page lists the enrolled devices and their levels of compliance.

Double-click any of the devices to see more details about its compliance status.

• Status Time- The last time the device status was logged to the Symantec Mobile Security server.
• Out-of-Date Engine- Whether the malware scan engine is current.  (Malware scan engines are automatically updated when LiveUpdate is run on the Android device.)
• Administrator disabled- Whether the device-administrator permissions on the mobile device have been revoked. The mobile device agent requires administrator permissions on the device to enable the security features such as locking the device and wiping data. (Device Administrator permissions are set or unset on each Android device.  This is not a setting that can be controlled from the Symantec Management Platform.)
• Out-of-touch- The device is turned off, or does not have cell service, wifi or other means of contacting its SMP server through the Mobile Security Gateway.  (Note that this is not an indicator of whose phone is turned on or off at any given instant.  If the device has not communicated in over 30 days, it will be listed as out-of-touch.) 
• GCM Registration Failed- The device is not registered to receive Google Cloud Messaging (GCM) messages.
• Rooted- Whether the factory-installed operating system has been circumvented. 

To ensure protection, administrators are encouraged to take necessary actions to ensure that the Android devices are made compliant.  (Run LiveUpdate on the Android to download the latest malware definitions and engine, ensure that "Mobile Security" is listed as a device administrator, etc.)